VYPR

Kphone

by Kphone

CVEs (2)

  • CVE-2004-1940Dec 31, 2004
    risk 0.03cvss epss 0.04

    sipclient.cpp in KPhone 4.0.1 and earlier allows remote attackers to cause a denial of service (crash) via a STUN response packet with a large attrLen value that causes an out-of-bounds read.

  • CVE-2006-2442May 18, 2006
    risk 0.00cvss epss 0.00

    kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords.