7 matches found
CVE-2015-4230
Cisco Headend System Releases are affected by CVE-2015-4230 due to a memory leak that can be exploited remotely to cause a denial of service (memory consumption). The issue is exploitable over network with no authentication required, per CVE details and Cisco security advisory indicating no softw...
Cisco Conductor for Videoscape and Cisco Headend System Release Arbitrary Cookie Injection Vulnerabilities
Cisco Unified MeetingPlace is a multimedia conferencing solution. The solution provides a user environment that integrates voice, video and Web conferencing. A security vulnerability exists in Cisco Conductor for Videoscape and Cisco Headend System Release, where a remote attacker sends a special...
Cisco Headend System Release Digital Broadband Delivery System CRLF Injection Vulnerability
The Cisco Headend System Release Digital Broadband Delivery System is a digital broadband delivery system. The system provides content protection, video-on-demand, and dbd backup and recovery. A CRLF injection vulnerability in the HTTP Header handler in the Digital Broadband Delivery System for...
Cisco Headend System Release UDP Denial of Service Vulnerability
The Cisco Headend System Release is a front-end broadband digital transmission system. A security vulnerability in Cisco DTACS and Cisco Headend System Release allows a remote attacker to send a large number of special UDP requests to conduct a denial-of-service attack and cause system outages...
Crlf injection
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting XSS attacks, via a crafted request, aka Bug ID...
CVE-2015-0733
Cisco Headend System Release Digital Broadband Delivery System is affected by a CRLF injection vulnerability in the HTTP Header Handler, enabling remote attackers to inject arbitrary HTTP headers and perform HTTP response-splitting attacks (potentially enabling XSS). The issue, tracked as CVE-201...
CVE-2015-0733
CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting XSS attacks, via a crafted request, aka Bug ID...