CVE-2013-1176

2013-04-18T18:55:00
ID CVE-2013-1176
Type cve
Reporter cve@mitre.org
Modified 2013-04-19T04:00:00

Description

The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448. Per: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130417-tpi

'Vulnerable Products The following Cisco TelePresence Infrastructure products are affected by this vulnerability:

Cisco TelePresence MCU 4501 Series, MCU 4500 Series and Cisco TelePresence MCU MSE 8510 versions 4.3(2.18) and earlier
Cisco TelePresence Server versions 2.2(1.54) and earlier'