Lucene search
K

129 matches found

CNVD
CNVD
added 2018/05/17 12:0 a.m.5 views

Cisco IP Phone 8800 Series and IP Phone 7800 Series Denial of Service Vulnerability

The Cisco IP Phone 7800 Series and the Cisco IP Phone 8800 Series are both different series of telephones from Cisco that offer video and VoIP communication features. A denial of service vulnerability exists in the Session Initiation Protocol SIP call processing feature in the Cisco IP Phone 7800...

7.5CVSS6.9AI score0.03381EPSS
Exploits0References1
OSV
OSV
added 2017/09/27 8:29 a.m.3 views

ALPINE-CVE-2017-14767

The sdpparsefmtpconfigh264 function in libavformat/rtpdech264.c in FFmpeg before 3.3.4 mishandles empty sprop-parameter-sets values, which allows remote attackers to cause a denial of service heap buffer overflow or possibly have unspecified other impact via a crafted sdp file...

8.8CVSS7.6AI score0.02712EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/09/15 12:0 a.m.5 views

The vulnerability of the SDP protocol implementation in the Android operating system allows a perpetrator to disclose sensitive information about the system.

The vulnerability of the SDP protocol implementation in the Android operating system arises from the possibility of reading data beyond the memory buffer boundaries. Exploiting this vulnerability allows an attacker to send a series of requests to the server and reveal memory bits in the responses...

5.7CVSS7.6AI score0.12388EPSS
Exploits12References10Affected Software1
OSV
OSV
added 2016/11/03 9:59 p.m.3 views

CVE-2016-6448

A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano...

9.8CVSS6.2AI score0.03984EPSS
Exploits0References3
Prion
Prion
added 2016/11/03 9:59 p.m.19 views

Design/Logic Flaw

A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano...

7.5CVSS8.2AI score0.03984EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/11/03 12:0 a.m.5 views

Cisco Meeting Server SDP Parser Buffer Overflow Vulnerability

Cisco Meeting Server formerly known as Acano Conferencing Server is the United States Cisco Cisco company's set of audio and video conferencing server software. Cisco Meeting Server has a buffer overflow vulnerability in the Session Description Protocol SDP parser that could allow a remote attack...

9.8CVSS8.3AI score0.03984EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2016/11/03 12:0 a.m.28 views

Cisco Meeting Server Session Description Protocol Media Lines Buffer Overflow Vulnerability

A vulnerability in the Session Description Protocol SDP parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, an...

9.8CVSS9.9AI score0.03984EPSS
Exploits0References1
CISA
CISA
added 2016/11/02 12:0 a.m.12 views

Cisco Releases Security Updates for Multiple Products

Cisco has released several updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the following Cisco Security Advisories and apply the...

7.6AI score
Exploits0References10
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.6 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

The use of this method after being released in the SDP dissector in Wireshark allows remote attackers to trigger a service failure abnormal termination of the application’s operation using a specially crafted packet. This packet utilizes the shared memory capabilities of both SDP and RTP dissecto...

5CVSS5.5AI score0.02908EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2016/07/06 12:0 a.m.3 views

The vulnerability of the Wireshark Network Protocol Analyzer software allows a remote attacker to compromise the accessibility of protected information.

The vulnerability exists in the SDP dissector in Wireshark, due to the creation of copies of the hash tables for the media channel. Exploiting this vulnerability allows malicious actors operating remotely to cause a service failure abrupt termination of an application, by sending a specially...

5CVSS5.5AI score0.03163EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/01/05 12:0 a.m.6 views

Wireshark SDP Parser Denial of Service Vulnerability

Wireshark is the most popular network protocol parser. In Wireshark version 1.12.x prior to 1.12.9, the function dissectsdp in epan/dissectors/packet-sdp.c in the SDP parser does not prevent the use of negative media counts, and by constructing packets, a remote attacker can cause a denial of...

5.5CVSS7.6AI score0.01539EPSS
Exploits0References1
OSV
OSV
added 2016/01/04 5:59 a.m.2 views

DEBIAN-CVE-2015-8717

The dissectsdp function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.12.x before 1.12.9 does not prevent use of a negative media count, which allows remote attackers to cause a denial of service application crash via a crafted packet...

5.5CVSS7.3AI score0.01539EPSS
Exploits0References1
CNVD
CNVD
added 2015/06/11 12:0 a.m.3 views

Cisco TelePresence Video Communication Server SDP Processing Denial of Service Vulnerability

Cisco TelePresence Video Communication Server is a video conferencing solution that integrates h.323 and SIP. Cisco TelePresence Video Communication Server handles SDP with a security vulnerability that allows an attacker to send specially crafted SDP parameter negotiation requests over a SIP...

7.1CVSS6.8AI score0.01874EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2015/03/19 12:0 a.m.25 views

Cisco TelePresence Conductor SDP Media Description Vulnerability

According to its self-reported version number, the Cisco TelePresence Conductor on the remote host contains an vulnerability related to the Session Description Protocol SDP packet handler function. A remote, unauthenticated attacker, using a crafted SDP packet to trigger a reload, can exploit thi...

7.8CVSS5.6AI score0.01895EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/03/19 12:0 a.m.23 views

Cisco TelePresence VCS / Expressway Series < 8.2 SDP Media Description Vulnerability

According to the self-reported version, the Cisco TelePresence VCS or Expressway Series on the remote host contains an vulnerability related to the Session Description Protocol SDP packet handler function. A remote, unauthenticated attacker, using a crafted SDP packet to trigger a reload, can...

7.8CVSS5.5AI score0.01895EPSS
Exploits0References3
CNVD
CNVD
added 2015/03/13 12:0 a.m.5 views

Cisco TelePresence VCS and Conductor SDP Message Denial of Service Vulnerability

Cisco TelePresence is a telepresence conferencing solution developed by Cisco.Cisco Expressway is a video conferencing application. A security vulnerability in Cisco TelePresence VCS and Conductor SDP message handling allows attackers to exploit the vulnerability to submit special IPv4 or IPv6v6...

7.8CVSS6.8AI score0.01895EPSS
Exploits0References1
CNVD
CNVD
added 2015/02/10 12:0 a.m.5 views

Digium Asterisk Open Source Resource Management Error Vulnerability

Digium Asterisk Open Source is an open source telephone exchange PBX system software from Digium. The software supports voicemail, multi-party voice conferencing, interactive voice response IVR and so on. A security vulnerability exists in Digium Asterisk Open Source versions 12.x prior to 12.8.1...

3.5CVSS6.7AI score0.0303EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2014/10/21 7:41 p.m.7 views

wireshark: RTP dissector crash (wnpa-sec-2014-12)

Use-after-free vulnerability in the SDP dissector in Wireshark 1.10.x before 1.10.10 allows remote attackers to cause a denial of service application crash via a crafted packet that leverages split memory ownership between the SDP and RTP dissectors...

5CVSS5.9AI score0.02908EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2014/10/21 7:41 p.m.3 views

wireshark: RTP dissector crash (wnpa-sec-2014-12)

The SDP dissector in Wireshark 1.10.x before 1.10.10 creates duplicate hashtables for a media channel, which allows remote attackers to cause a denial of service application crash via a crafted packet to the RTP dissector...

5CVSS5.9AI score0.03163EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2014/09/30 12:0 a.m.46 views

Cisco IOS Software Network Address Translation (NAT) ALG Module DoS (cisco-sa-20140924-nat)

According to its self-reported version, the version of Cisco IOS running on the remote host is affected by a denial of service vulnerability in the Network Address Translation NAT application-layer gateway ALG module. This issue exists due to improper handling of multipart Session Description...

7.1CVSS7.8AI score0.02365EPSS
Exploits0References4
Rows per page
Query Builder