129 matches found
Cisco IP Phone 8800 Series and IP Phone 7800 Series Denial of Service Vulnerability
The Cisco IP Phone 7800 Series and the Cisco IP Phone 8800 Series are both different series of telephones from Cisco that offer video and VoIP communication features. A denial of service vulnerability exists in the Session Initiation Protocol SIP call processing feature in the Cisco IP Phone 7800...
ALPINE-CVE-2017-14767
The sdpparsefmtpconfigh264 function in libavformat/rtpdech264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service heap buffer overflow or possibly have unspecified other impact via a crafted sdp file...
The vulnerability of the SDP protocol implementation in the Android operating system allows a perpetrator to disclose sensitive information about the system.
The vulnerability of the SDP protocol implementation in the Android operating system arises from the possibility of reading data beyond the memory buffer boundaries. Exploiting this vulnerability allows an attacker to send a series of requests to the server and reveal memory bits in the responses...
CVE-2016-6448
A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano...
Design/Logic Flaw
A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano...
Cisco Meeting Server SDP Parser Buffer Overflow Vulnerability
Cisco Meeting Server formerly known as Acano Conferencing Server is the United States Cisco Cisco company's set of audio and video conferencing server software. Cisco Meeting Server has a buffer overflow vulnerability in the Session Description Protocol SDP parser that could allow a remote attack...
Cisco Meeting Server Session Description Protocol Media Lines Buffer Overflow Vulnerability
A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, an...
Cisco Releases Security Updates for Multiple Products
Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...
The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.
The use of this method after being released in the SDP dissector in Wireshark allows remote attackers to trigger a service failure abnormal termination of the application’s operation using a specially crafted packet. This packet utilizes the shared memory capabilities of both SDP and RTP dissecto...
The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.
The vulnerability exists in the SDP dissector in Wireshark, due to the creation of copies of the hash tables for the media channel. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of an application, by sending a specially...
Wireshark SDP Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. In Wireshark version 1.12.x prior to 1.12.9, the function dissectsdp in epan/dissectors/packet-sdp.c in the SDP parser does not prevent the use of negative media counts, and by constructing packets, a remote attacker can cause a denial of...
DEBIAN-CVE-2015-8717
The dissectsdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Cisco TelePresence Video Communication Server SDP Processing Denial of Service Vulnerability
Cisco TelePresence Video Communication Server is a video conferencing solution that integrates h.323 and SIP. Cisco TelePresence Video Communication Server handles SDP with a security vulnerability that allows an attacker to send specially crafted SDP parameter negotiation requests over a SIP...
Cisco TelePresence Conductor SDP Media Description Vulnerability
According to its self-reported version number, the Cisco TelePresence Conductor on the remote host contains an vulnerability related to the Session Description Protocol SDP packet handler function. A remote, unauthenticated attacker, using a crafted SDP packet to trigger a reload, can exploit thi...
Cisco TelePresence VCS / Expressway Series < 8.2 SDP Media Description Vulnerability
According to the self-reported version, the Cisco TelePresence VCS or Expressway Series on the remote host contains an vulnerability related to the Session Description Protocol SDP packet handler function. A remote, unauthenticated attacker, using a crafted SDP packet to trigger a reload, can...
Cisco TelePresence VCS and Conductor SDP Message Denial of Service Vulnerability
Cisco TelePresence is a telepresence conferencing solution developed by Cisco.Cisco Expressway is a video conferencing application. A security vulnerability in Cisco TelePresence VCS and Conductor SDP message handling allows attackers to exploit the vulnerability to submit special IPv4 or IPv6v6...
Digium Asterisk Open Source Resource Management Error Vulnerability
Digium Asterisk Open Source is an open source telephone exchange PBX system software from Digium. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk Open Source versions 12.x prior to 12.8.1...
wireshark: RTP dissector crash (wnpa-sec-2014-12)
Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors...
wireshark: RTP dissector crash (wnpa-sec-2014-12)
The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service application crash via a crafted packet to the RTP dissector...
Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat)
According to its self-reported version, the version of Cisco IOS running on the remote host is affected by a denial of service vulnerability in the Network Address Translation NAT application-layer gateway ALG module. This issue exists due to improper handling of multipart Session Description...