Executive Summary

Informations
NameCVE-2009-2874First vendor Publication2009-10-16
VendorCveLast vendor Modification2017-08-16

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score7.8Attack RangeNetwork
Cvss Impact Score6.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2874

CAPEC : Common Attack Pattern Enumeration & Classification

idName
CAPEC-2Inducing Account Lockout
CAPEC-82Violating Implicit Assumptions Regarding XML Content (aka XML Denial of Servi...
CAPEC-147XML Ping of Death
CAPEC-228Resource Depletion through DTD Injection in a SOAP Message

CWE : Common Weakness Enumeration

%idName

CPE : Common Platform Enumeration

TypeDescriptionCount
Application12

Open Source Vulnerability Database (OSVDB)

idDescription
59057Cisco Unified Presence TimesTenD TCP Connection Saturation Remote DoS

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/36675
CISCO http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc93...
SECTRACK http://securitytracker.com/id?1023018
VUPEN http://www.vupen.com/english/advisories/2009/2915
XF https://exchange.xforce.ibmcloud.com/vulnerabilities/53772

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2017-08-17 09:22:41
  • Multiple Updates
2016-04-26 19:02:58
  • Multiple Updates
2013-05-10 23:55:49
  • Multiple Updates