8 matches found
Cisco 9900 Series Phone webapp Buffer Overflow (CVE-2013-5532)
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service webapp interface outage via long values in unspecified fields, aka Bug ID CSCuh10343. This plugin only works with Tenable.ot. Please visit...
Cisco 9900 Series Phone Arbitrary File Download (CVE-2013-3426)
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810. This plugin only works with Tenable.ot. Please visit...
Cisco 9900 Series IP Phones Denial of Service Vulnerability
Cisco 9900 Series IP Phones is a 9900 series IP phone product from Cisco USA. This product provides voice and video features. A denial of service vulnerability exists in the Cisco 9900 Series IP Phones, which stems from the program's failure to properly support the RTP protocol. A remote attacker...
Cisco Unified IP Phones 9900 Series Denial of Service Vulnerability (CNVD-2015-00923)
Cisco Unified IP Phone 9900 is a 9900 series IP phone terminal equipment from Cisco USA. The device provides voice, video, and other features. A security vulnerability exists in the mobility extension of the Cisco Unified IP Phone 9900 Series. A remote attacker could exploit this vulnerability to...
Cisco Unified IP Phone 9900 Series Insecure Device Permissions Vulnerability
A vulnerability in the Cisco Unified IP Phone 9900 Series could allow an authenticated, local attacker to cause a complete denial of service DoS on an affected device. The vulnerability is due to insecure file permissions on some devices. An attacker could exploit this vulnerability by writing to...
Cisco 9900 Series IP Phone Crafted Header Unregister Vulnerability
According to its self-reported version, the version of the Cisco Unified IP Phone software running on the remote device does not properly process SIP headers. By sending a specially crafted SIP header to the device, a remote attacker may be able to cause the phone to unregister, resulting in a...
Cisco 9900 Series Phone Arbitrary File Download Vulnerability
A vulnerability in the Serviceability servlet of fourth-generation Cisco IP phones could allow an unauthenticated, remote attacker to download arbitrary files from the phone's file system. The vulnerability is due to incomplete filtering of path values. An attacker could exploit this vulnerabilit...
CVE-2012-1328
Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 are affected by a code/injection vulnerability in the handling of configuration data downloads to an RT phone, allowing local users to gain privileges via injected data (Bug ID CSCts32237). The issue is triggered by improper pr...