1122 matches found
Code injection
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service memory consumption via a large number of SIP INVITE requests, which trigger the creation of many sessions...
CVE-2008-5180
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service memory consumption via a large number of SIP INVITE requests, which trigger the creation of many sessions...
CVE-2008-5180
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service memory consumption via a large number of SIP INVITE requests, which trigger the creation of many sessions...
CVE-2008-5180
Microsoft Communicator and the Communicator component in Office 2010 beta are affected by CVE-2008-5180. The vulnerability allows remote attackers to cause a denial of service (memory consumption) by sending a large number of SIP INVITE requests, which triggers the creation of many sessions. The ...
PT-2008-6324 · Microsoft · Ge Communicator +1
Name of the Vulnerable Software and Affected Versions: Microsoft Communicator affected versions not specified Microsoft Office 2010 beta affected versions not specified Description: The issue allows remote attackers to cause a denial of service, resulting in memory consumption, via a large number...
CVE-2008-3210
rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service daemon crash via a SIP 1 INVITE or 2 OPTIONS message with a long domain name in a request URI, which triggers an assert error...
reSIProcate 1.3.2 Remote Denial of Service PoC
No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008 http://labs.mudynamics.com/advisories.html Affected Products/Versions: repro SIP proxy/registrar 1.3.2 http://www.resiprocate.org/ReSIProcate1.3.2Release Any produ...
TorrentTrader多个SQL注入漏洞
BUGTRAQ ID: 29787 CVECAN ID: CVE-2008-2428 TorrentTrader是用PHP编写的torrent tracker平台。 TorrentTrader的account-signup.php文件中没有正确地验证对email和wantusername参数的输入,远程攻击者可以通过SQL注入攻击检索管理员口令哈希。成功利用这个漏洞要求禁用了magicquotesgpc且站点没有配置为invite-only。...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
Null pointer dereference
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
CVE-2008-2119
CVE-2008-2119 affects Asterisk Open Source 1.0.x and 1.2.x (pre-1.2.29) and Business Edition A.x.x/B.x.x (pre-B.2.5.3). In pedantic parsing, From header null/empty values are fed to ast_uri_decode, causing a remote DoS (daemon crash). OpenVAS/Gentoo advisories document this and recommend upgradin...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
CVE-2008-2119
Asterisk Open Source 1.0.x and 1.2.x before 1.2.29 and Business Edition A.x.x and B.x.x before B.2.5.3, when pedantic parsing aka pedanticsipchecking is enabled, allows remote attackers to cause a denial of service daemon crash via a SIP INVITE message that lacks a From header, related to...
Code injection
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.13SR6, 4.2 before 4.23SR3, 4.3 before 4.32, 5.x before 5.13, and 6.x before 6.11 allows remote attackers to cause a denial of service CCM service restart via an unspecified SIP INVITE message, aka Bug ID CSCsk46944...
CVE-2008-1747
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.13SR6, 4.2 before 4.23SR3, 4.3 before 4.32, 5.x before 5.13, and 6.x before 6.11 allows remote attackers to cause a denial of service CCM service restart via an unspecified SIP INVITE message, aka Bug ID CSCsk46944...
CVE-2008-1747
Cisco Unified Communications Manager (CUCM) is affected by a denial-of-service vulnerability (CVE-2008-1747) that can be triggered by malformed SIP INVITE messages, potentially causing a CCM service restart. Historically documented for CUCM versions 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3...
CVE-2008-1304
Multiple cross-site scripting XSS vulnerabilities in WordPress 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 inviteemail parameter in an invite action to wp-admin/users.php and the 2 to parameter in a sent action to wp-admin/invites.php...
CVE-2008-1304
Multiple cross-site scripting XSS vulnerabilities in WordPress 2.3.2 allow remote attackers to inject arbitrary web script or HTML via the 1 inviteemail parameter in an invite action to wp-admin/users.php and the 2 to parameter in a sent action to wp-admin/invites.php...