Lucene search

[email protected]CVE-2008-5180

HistoryNov 20, 2008 - 3:30 p.m.

CVE-2008-5180

2008-11-2015:30:00

CWE-770

[email protected]

web.nvd.nist.gov

microsoft

communicator

denial of service

sip invite

cve-2008-5180

nvd

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

High

0.63 Medium

EPSS

Percentile

97.9%

JSON

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.

Affected configurations

NVD

Node

microsoftoffice_communicator

CPENameOperatorVersion
microsoft:office_communicatormicrosoft office communicatoreq*

CPE	Name	Operator	Version
microsoft:office_communicator	microsoft office communicator	eq	*

References

secunia.com/advisories/32940

www.exploit-db.com/exploits/12079

www.securityfocus.com/bid/39221

www.securitytracker.com/id?1021294

www.voipshield.com/research-details.php?id=133

exchange.xforce.ibmcloud.com/vulnerabilities/46673

exchange.xforce.ibmcloud.com/vulnerabilities/57581

www.exploit-db.com/exploits/7262

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

High

0.63 Medium

EPSS

Percentile

97.9%

JSON

Related for CVE-2008-5180

exploitpack1 cvelist1 prion1 packetstorm1 nvd1 seebug1 exploitdb1