Technical Description
A vulnerability has been identified in AGEphone, which could beexploited by remote attackers to execute arbitrary commands or cause adenial of service. This flaw is due to a buffer overflow error in the"sipd.dll" library when processing specially crafted "SIP" packets,which could be exploited by remote attackers to execute arbitrary codewith the privileges of the logged in user.
Affected Products
AGEphone versions prior to 1.40
Solution
Upgrade to AGEphone version 1.40 :
http://www.ageet.com/us/download.htm
