VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Oct 23, 2007· Updated Apr 23, 2026

CVE-2007-5640

CVE-2007-5640

Description

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), Mobile Voice Client, and other product lines, allow remote attackers to block calls and force re-registration via a resume message to the Signaling Server that has a spoofed source IP address for the phone. NOTE: the attack is more disruptive if a new spoofed resume message is sent after each re-registration.

Affected products

16
  • Nortel/Business Communications Manager8 versions
    cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*+ 7 more
    • cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:200:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:400:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:50:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:50a:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:50e:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:srg200:*:*:*:*:*:*:*
    • cpe:2.3:a:nortel:business_communications_manager:srg50:*:*:*:*:*:*:*
  • Nortel/Centrex Ip Client Manager
    cpe:2.3:a:nortel:centrex_ip_client_manager:*:*:*:*:*:*:*:*
  • Nortel/Centrex Ip Element Manager
    cpe:2.3:a:nortel:centrex_ip_element_manager:*:*:*:*:*:*:*:*
  • Nortel/Meridian Option 11c
    cpe:2.3:a:nortel:meridian_option_11c:*:*:*:*:*:*:*:*
  • Nortel/Meridian Option 51c
    cpe:2.3:a:nortel:meridian_option_51c:*:*:*:*:*:*:*:*
  • Nortel/Meridian Option 61c
    cpe:2.3:a:nortel:meridian_option_61c:*:*:*:*:*:*:*:*
  • Nortel/Meridian Option 81c
    cpe:2.3:a:nortel:meridian_option_81c:*:*:*:*:*:*:*:*
  • Nortel/Meridian Sl100
    cpe:2.3:a:nortel:meridian_sl100:cs2100:*:*:*:*:*:*:*
  • Nortel/Mobile Voice Client 2050
    cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

8

News mentions

0

No linked articles in our index yet.