Lucene search

[email protected]CVE-2012-5445

HistoryDec 28, 2012 - 11:48 a.m.

CVE-2012-5445

2012-12-2811:48:44

CWE-20

[email protected]

web.nvd.nist.gov

cisco

native unix

cnu

cisco unified ip phone

tnp phones

cve-2012-5445

vulnerability

arbitrary code execution

denial of service

nvd

7.6 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:S/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

12.5%

JSON

The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary.

Affected configurations

NVD

Node

ciscoskinny_client_control_protocol_softwareRange≤9.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch1.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch1.0\(9\)

ciscoskinny_client_control_protocol_softwareMatch1.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(4\)

ciscoskinny_client_control_protocol_softwareMatch1.3\(4\)sr1

ciscoskinny_client_control_protocol_softwareMatch1.4\(1\)

ciscoskinny_client_control_protocol_softwareMatch1.4\(2\)

ciscoskinny_client_control_protocol_softwareMatch2.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch2.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.0

ciscoskinny_client_control_protocol_softwareMatch3.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch3.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.1

ciscoskinny_client_control_protocol_softwareMatch3.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.1\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.2

ciscoskinny_client_control_protocol_softwareMatch3.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(5\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(6a\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(7\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(8\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(9\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(12\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(13\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(14\)

ciscoskinny_client_control_protocol_softwareMatch3.2\(15\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(4\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(5\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(6\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(7\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(8\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(9\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(10\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(11\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(12\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(13\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(14\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(15\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(16\)

ciscoskinny_client_control_protocol_softwareMatch3.3\(20\)

ciscoskinny_client_control_protocol_softwareMatch4.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(3\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(4\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(5\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(6\)

ciscoskinny_client_control_protocol_softwareMatch4.1\(7\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(1a\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(6\)

ciscoskinny_client_control_protocol_softwareMatch5.0\(7\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(0\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch6.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch6.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch6.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch6.1\(0\)

ciscoskinny_client_control_protocol_softwareMatch6.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch7.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch7.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(2\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(3\)

ciscoskinny_client_control_protocol_softwareMatch7.2\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.0\(4\)sr3a

ciscoskinny_client_control_protocol_softwareMatch8.0\(5\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(6\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(7\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(8\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(9\)

ciscoskinny_client_control_protocol_softwareMatch8.0\(10\)

ciscoskinny_client_control_protocol_softwareMatch8.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.1\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr3

ciscoskinny_client_control_protocol_softwareMatch8.2\(2\)sr4

ciscoskinny_client_control_protocol_softwareMatch8.3\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.3\(3\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.3\(5\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(1\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(1\)sr2

ciscoskinny_client_control_protocol_softwareMatch8.4\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.4\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(2\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.5\(3\)

ciscoskinny_client_control_protocol_softwareMatch8.5\(3\)sr1

ciscoskinny_client_control_protocol_softwareMatch8.5\(4\)

ciscoskinny_client_control_protocol_softwareMatch8.70

ciscoskinny_client_control_protocol_softwareMatch9.0\(2\)sr1

ciscoskinny_client_control_protocol_softwareMatch9.0\(2\)sr2

ciscoskinny_client_control_protocol_softwareMatch9.0\(3\)

ciscoskinny_client_control_protocol_softwareMatch9.0\(3b\)

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)sr1

ciscoskinny_client_control_protocol_softwareMatch9.1\(1\)sr2

ciscoskinny_client_control_protocol_softwareMatch9.2\(1\)

ciscoskinny_client_control_protocol_softwareMatch9.2\(2\)

AND

ciscounified_ip_phoneMatch7906g

ciscounified_ip_phoneMatch7911g

ciscounified_ip_phoneMatch7935

ciscounified_ip_phoneMatch7936

ciscounified_ip_phoneMatch7940

ciscounified_ip_phoneMatch7940g

ciscounified_ip_phoneMatch7941g

ciscounified_ip_phoneMatch7960

ciscounified_ip_phoneMatch7960g

ciscounified_ip_phoneMatch7961g

ciscounified_ip_phoneMatch7970g

ciscounified_ip_phoneMatch7971g

ciscounified_ip_phone_7906gMatch7911g

ciscounified_ip_phone_7906gMatch7941g

ciscounified_ip_phone_7906gMatch7961g

ciscounified_ip_phone_7906gMatch7970g

ciscounified_ip_phone_7906gMatch7971g

CPENameOperatorVersion
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwarele9.2\(4\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(2\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(3\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(4\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(5\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.0\(9\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.1\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.2\(1\)
cisco:skinny_client_control_protocol_softwarecisco skinny client control protocol softwareeq1.3\(1\)

CPE	Name	Operator	Version
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	le	9.2\(4\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(2\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(3\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(4\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(5\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.0\(9\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.1\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.2\(1\)
cisco:skinny_client_control_protocol_software	cisco skinny client control protocol software	eq	1.3\(1\)