PicoPhone Internet Phone 1.63 - Remote Buffer Overflow

Author: Luigi Auriemma
type: dos
platform: hardware
port: 
date_added: 2004-03-24 
date_updated: 2013-01-09 
verified: 1 
codes: CVE-2004-1854;OSVDB-4550 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/9969/info

It has been reported that Picophone is prone to a remote buffer overflow vulnerability. This issue is due to the application failing to verify the size of user input before storing it in a finite buffer.

Successful exploitation of this issue will cause a denial of service condition to be triggered. The attacker may also leverage this issue to execute arbitrary code; this code would be executed in the security context of the user running the affected process.

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/23876.zip