ID CVE-2013-1176
Type cve
Modified 2013-04-19T04:00:00


The DSP card on Cisco TelePresence MCU 4500 and 4501 devices before 4.3(2.30), TelePresence MCU MSE 8510 devices before 4.3(2.30), and TelePresence Server before 2.3(1.55) does not properly validate H.264 data, which allows remote attackers to cause a denial of service (device reload) via crafted RTP packets in a (1) SIP session or (2) H.323 session, aka Bug IDs CSCuc11328 and CSCub05448. Per:

'Vulnerable Products The following Cisco TelePresence Infrastructure products are affected by this vulnerability:

Cisco TelePresence MCU 4501 Series, MCU 4500 Series and Cisco TelePresence MCU MSE 8510 versions 4.3(2.18) and earlier
Cisco TelePresence Server versions 2.2(1.54) and earlier'