CVE-2014-3337
CVE-2014-3337 affects the SIP subsystem in Cisco Unified Communications Manager (CM) 8.6(.2) and earlier. A remote authenticated attacker can trigger a denial of service (process crash) by sending a crafted SIP message that exploits improper handling during XML processing, due to a failure to san...