Summary
Detail | |||
---|---|---|---|
Vendor | Cisco | First view | 2007-04-02 |
Product | Unified Callmanager | Last view | 2007-07-15 |
Version | 3.3(3)sr1 | Type | Application |
Update | * | ||
Edition | * | ||
Language | * | ||
Sofware Edition | * | ||
Target Software | * | ||
Target Hardware | * | ||
Other | * | ||
CPE Product | cpe:2.3:a:cisco:unified_callmanager |
Activity : Overall
Related : CVE
Date | Alert | Description | |
---|---|---|---|
10 | 2007-07-15 | CVE-2006-5278 | Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. |
9.3 | 2007-07-15 | CVE-2006-5277 | Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. |
5 | 2007-04-02 | CVE-2007-1833 | The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
36122 | Cisco Unified Communications Manager (CUCM) Certificate Trust List (CTL) Prov... |
36121 | Cisco Unified Communications Manager (CUCM) Real-Time Information Server (RIS... |
34595 | Cisco Unified CallManager (CUCM) Skinny Call Control Protocol (SCCP) Crafted ... |