Summary
| Detail | |||
|---|---|---|---|
| Vendor | Cisco | First view | 2007-04-02 |
| Product | Unified Callmanager | Last view | 2007-07-15 |
| Version | 3.3(3)sr1 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:cisco:unified_callmanager | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2007-07-15 | CVE-2006-5278 | Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. |
| 9.3 | 2007-07-15 | CVE-2006-5277 | Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. |
| 5 | 2007-04-02 | CVE-2007-1833 | The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 36122 | Cisco Unified Communications Manager (CUCM) Certificate Trust List (CTL) Prov... |
| 36121 | Cisco Unified Communications Manager (CUCM) Real-Time Information Server (RIS... |
| 34595 | Cisco Unified CallManager (CUCM) Skinny Call Control Protocol (SCCP) Crafted ... |
