CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-0671

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile17.16th
Published2002年7月23日
Last Modified2026年4月16日

Vulnerability Description

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.

Affected Platforms (CPE)

💻
Pingtel

Xpressa Firmware

= 1.2.5
💻
Pingtel

Xpressa Firmware

= 1.2.7.4

References & Advisories

🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.iss.net/security_center/static/9566.php
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5224
🔗 http://www.atstake.com/research/advisories/2002/a071202-1.txt
🔗 http://www.iss.net/security_center/static/9566.php
🔗 http://www.pingtel.com/PingtelAtStakeAdvisoryResponse.jsp
🔗 http://www.securityfocus.com/bid/5224

関連する脆弱性情報

CVE-2004-16805.0

application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of s...

CVE-2002-06754.6

Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 does not require administrative privileges to perform a firmwa...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...