Lucene search

[email protected]CVE-2012-5445

HistoryDec 28, 2012 - 11:48 a.m.

CVE-2012-5445

2012-12-2811:48:44

CWE-20

[email protected]

web.nvd.nist.gov

cisco

native unix

cnu

cisco unified ip phone

tnp phones

cve-2012-5445

vulnerability

arbitrary code execution

denial of service

nvd

6.8 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

12.7%

JSON

The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary.

Affected configurations

NVD

Node

ciscoskinny_client_control_protocol_softwareRange≤9.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch1.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(9\)

ciscoskinny_client_control_protocol_softwareMatch1.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(4\)sr1

ciscoskinny_client_control_protocol_softwareMatch1.4\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.4\(2\)

ciscoskinny_client_control_protocol_softwareMatch2.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch2.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.0

ciscoskinny_client_control_protocol_softwareMatch3.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch3.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.1

ciscoskinny_client_control_protocol_softwareMatch3.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.2

ciscoskinny_client_control_protocol_softwareMatch3.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(5\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(6a\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(7\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(8\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(9\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(12\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(13\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(14\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(15\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(5\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(7\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(8\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(9\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(12\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(13\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(14\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(15\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(16\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(20\)

ciscoskinny_client_control_protocol_softwareMatch4.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(3\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(4\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(5\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(6\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(7\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(1a\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(6\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(7\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch6.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch6.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch6.1\(0\)

ciscoskinny_client_control_protocol_softwareMatch6.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch7.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch7.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(3\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)sr3a

ciscoskinny_client_control_protocol_softwareMatch8.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(6\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(7\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(8\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(9\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(10\)

ciscoskinny_client_control_protocol_softwareMatch8.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr3

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr4

ciscoskinny_client_control_protocol_softwareMatch8.3\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.3\(5\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(1\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.4\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.5\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.5\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.70

ciscoskinny_client_control_protocol_softwareMatch9.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch9.0\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch9.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch9.0\(3b\)

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)sr1

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)sr2

ciscoskinny_client_control_protocol_softwareMatch9.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch9.2\(2\)

AND

ciscounified_ip_phoneMatch7906g

ciscounified_ip_phoneMatch7911g

ciscounified_ip_phoneMatch7935

ciscounified_ip_phoneMatch7936

ciscounified_ip_phoneMatch7940

ciscounified_ip_phoneMatch7940g

ciscounified_ip_phoneMatch7941g

ciscounified_ip_phoneMatch7960

ciscounified_ip_phoneMatch7960g

ciscounified_ip_phoneMatch7961g

ciscounified_ip_phoneMatch7970g

ciscounified_ip_phoneMatch7971g

ciscounified_ip_phone_7906gMatch7911g

ciscounified_ip_phone_7906gMatch7941g

ciscounified_ip_phone_7906gMatch7961g

ciscounified_ip_phone_7906gMatch7970g

ciscounified_ip_phone_7906gMatch7971g

CPENameOperatorVersion
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwarele9.2\(4\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(2\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(3\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(4\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(5\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(9\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.1\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.2\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.3\(1\)

CPE	Name	Operator	Version
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	le	9.2\(4\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(2\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(3\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(4\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(5\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(9\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.1\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.2\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.3\(1\)