CVE-2008-0027

2008-01-1703:00:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

Confidence

High

EPSS

0.184

Percentile

96.3%

JSON

Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.

Affected configurations

Nvd

Node

ciscounified_callmanagerMatch4.0

ciscounified_callmanagerMatch4.1

ciscounified_callmanagerMatch4.1\(3\)sr4

ciscounified_callmanagerMatch4.1\(3\)sr5

ciscounified_callmanagerMatch4.1\(3\)sr5b

ciscounified_communications_managerMatch4.2

ciscounified_communications_managerMatch4.2.3sr2

ciscounified_communications_managerMatch4.2.3sr2b

ciscounified_communications_managerMatch4.3

VendorProductVersionCPE
ciscounified_callmanager4.0cpe:2.3:a:cisco:unified_callmanager:4.0:*:*:*:*:*:*:*
ciscounified_callmanager4.1cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*
ciscounified_callmanager4.1(3)sr4cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr4:*:*:*:*:*:*:*
ciscounified_callmanager4.1(3)sr5cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr5:*:*:*:*:*:*:*
ciscounified_callmanager4.1(3)sr5bcpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr5b:*:*:*:*:*:*:*
ciscounified_communications_manager4.2cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*
ciscounified_communications_manager4.2.3sr2cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*
ciscounified_communications_manager4.2.3sr2bcpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*
ciscounified_communications_manager4.3cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_callmanager	4.0	cpe:2.3:a:cisco:unified_callmanager:4.0:::::::*
cisco	unified_callmanager	4.1	cpe:2.3:a:cisco:unified_callmanager:4.1:::::::*
cisco	unified_callmanager	4.1(3)sr4	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr4:::::::*
cisco	unified_callmanager	4.1(3)sr5	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr5:::::::*
cisco	unified_callmanager	4.1(3)sr5b	cpe:2.3:a:cisco:unified_callmanager:4.1\(3\)sr5b:::::::*
cisco	unified_communications_manager	4.2	cpe:2.3:a:cisco:unified_communications_manager:4.2:::::::*
cisco	unified_communications_manager	4.2.3sr2	cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:::::::*
cisco	unified_communications_manager	4.2.3sr2b	cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:::::::*
cisco	unified_communications_manager	4.3	cpe:2.3:a:cisco:unified_communications_manager:4.3:::::::*