4 matches found
CVE-2024-4196
An improper input validation vulnerability was discovered in Avaya IP Office that could allow remote command or code execution via a specially crafted web request to the Web Control component. Affected versions include all versions prior to 11.1.3.1...
Avaya IP Office Information Disclosure Vulnerability (CNVD-2020-46847)
Avaya IP Office is a small business phone system from Avaya, Inc. in the United States. An information disclosure vulnerability exists in the Web interface component in Avaya IP Office versions 9.x, 10.0 through 10.1.0.7, and 11.0 through 11.0.4.2. The vulnerability stems from an error in...
CVE-2017-12969
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service heap corruption and crash or execute arbitrary code via a long string to the open method...
CVE-2017-11309
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response...