Описание
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
Ссылки
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
- Permissions RequiredThird Party Advisory
- Third Party AdvisoryVDB Entry
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Broken Link
- Broken Link
- Third Party AdvisoryVDB Entry
- Permissions RequiredThird Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия от 3.3 (включая) до 3.3\(5\)sr2 (включая)Версия от 4.1 (включая) до 4.1\(3\)sr4 (включая)Версия от 4.2 (включая) до 4.2\(3\)sr1 (включая)Версия от 5.1 (включая) до 5.1\(2\) (включая)Версия от 4.3 (включая) до 4.3\(1\) (включая)
Одно из
cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.09727
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
EPSS
Процентиль: 93%
0.09727
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other