From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability Description: - Vulnerability Type: Buffer overflow and Denial of Service (DoS) vulnerabilities. - Affected Products: Cisco IP Phones Series 68xx/78xx/88xx. - Root Cause: Missing checks in the implementation of Cisco Discovery Protocol and Link Layer Discovery Protocol (LLDP) allow unauthorized attackers to remotely execute code or cause affected IP phones to reload. - Exploitation: Attackers can exploit these vulnerabilities by sending malicious Cisco Discovery Protocol or LLDP packets to the target IP phone. Successful exploitation may allow attackers to execute code on the affected IP phone or cause it to reload unexpectedly, resulting in a Denial of Service (DoS) condition. 2. Affected Products List: - IP Conference Phone 7832 - IP Conference Phone 7832 with Multiplatform Firmware - IP Conference Phone 8832 - IP Conference Phone 8832 with Multiplatform Firmware - IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform Firmware - IP Phone 7811, 7821, 7841, 7861 Desktop Phones - IP Phone 7811, 7821, 7841, 7861 Desktop Phones with Multiplatform Firmware - IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones - IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones with Multiplatform Firmware - Unified IP Conference Phone 8831 - Unified IP Conference Phone 8831 for Third-Party Call Control - Wireless IP Phone 8821, 8821-EX - Cisco SPA525G 5-Line IP Phone 3. Products Confirmed Not Affected: - Cisco Unified IP Phone 6901 - Cisco Unified IP Phone 6911 - Cisco ATA 191 Analog Telephone Adapter - Cisco ATA 190 Analog Telephone Adapter - Webex Room Phone - Cisco Unified IP Phone 3905 - Cisco SPA112 2-Port Phone Adapter - Cisco SPA122 Analog Telephone Adapter (ATA) with Router - Cisco SPA232D Multi-Line DECT Analog Telephone Adapter (ATA) - Cisco IP DECT 6800 Series with Multiplatform Firmware 4. Workarounds: - No workarounds are available. 5. Fixed Software Versions: - IP Conference Phone 8832 with Multiplatform Firmware - IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform Firmware - IP Phone 7811, 7821, 7841, 7861 Desktop Phones - IP Phone 7811, 7821, 7841, 7861 Desktop Phones with Multiplatform Firmware - IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones - IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones with Multiplatform Firmware - Unified IP Conference Phone 8831 - Unified IP Conference Phone 8831 for Third-Party Call Control - SPA525G 5-Line IP Phone - Cisco Unified IP Phone 7900 Series - Wireless IP Phone 8821 and 8821-EX 6. Public Announcements and Exploitation: - No public announcements or malicious exploitation of these vulnerabilities have been identified. 7. Source: - Thanks to Qian Chen of Qihoo 360 Nirvan Team for reporting these vulnerabilities. 8. Revision History: - Version 1.0: Initial public release. This information provides a detailed description of the buffer overflow and Denial of Service vulnerabilities in Cisco IP Phones, including the list of affected products, fixed software versions, and source details.