17 matches found
EUVD-2007-6158
Malware in sbrugna...
EUVD-2009-2855
Malware in sbrugna...
EUVD-2009-4998
Malware in sbrugna...
Cisco Unified IP Phone Exposure of Sensitive Information to an Unauthorized Actor (CVE-2007-6190)
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an...
CVE-2009-5040
CallManager Express CME on Cisco IOS before 15.01XA allows remote authenticated users to cause a denial of service device crash by using an extension mobility EM phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555...
CVE-2009-5040
CallManager Express CME on Cisco IOS before 15.01XA allows remote authenticated users to cause a denial of service device crash by using an extension mobility EM phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555...
Design/Logic Flaw
CallManager Express CME on Cisco IOS before 15.01XA allows remote authenticated users to cause a denial of service device crash by using an extension mobility EM phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555...
CVE-2009-5040
CVE-2009-5040 affects Cisco CallManager Express (CME) on Cisco IOS prior to 15.0(1)XA. The issue allows remote authenticated users to trigger a denial-of-service (device crash) by interacting with the SNR-number change menu using an Extension Mobility (EM) phone. Root cause is not detailed beyond...
CVE-2009-5040
CallManager Express CME on Cisco IOS before 15.01XA allows remote authenticated users to cause a denial of service device crash by using an extension mobility EM phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555...
Cisco Unified Communications Manager Express Vulnerability - Cisco Systems
Cisco IOS devices that are configured for Cisco Unified Communications Manager Express CME and the Extension Mobility feature are affected by a buffer overflow vulnerability. Successful exploitation of this vulnerability may result in the execution of arbitrary code or a denial of service DoS...
CVE-2009-2865
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...
Buffer overflow
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...
CVE-2009-2865
CVE-2009-2865 reports a buffer overflow in the login portion of Cisco CME’s Extension Mobility, allowing remote attackers to trigger arbitrary code execution or DoS via crafted HTTP requests. The vulnerability affects Cisco IOS CME with Extension Mobility; exploitation requires HTTP requests from...
CVE-2009-2865
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express CME component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka B...
Cisco Security Advisory: Cisco Unified Communications Manager Express Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Unified Communications Manager Express Vulnerability Advisory ID: cisco-sa-20090923-cme Revision 1.0 For Public Release 2009 September 23 +--------------------------------------------------------------------- Summary...
Design/Logic Flaw
The HTTP daemon in the Cisco Unified IP Phone, when the Extension Mobility feature is enabled, allows remote authenticated users of other phones associated with the same CUCM server to eavesdrop on the physical environment via a CiscoIPPhoneExecute message containing a URL attribute of an...
Cisco Unified IP Phone Extension Mobility Monitoring Vulnerability
Cisco Unified IP Phone devices contain a vulnerability that could allow an authenticated, remote attacker to eavesdrop on ongoing conversations around an affected device, potentially resulting in a disclosure of sensitive information. The vulnerability exists due to insecure handling of the...