CVE-2011-4019

Memory leak in Cisco IOS 12.4 and 15.0 through 15.2, and Cisco Unified Communications Manager CUCM 7.x, allows remote attackers to cause a denial of service memory consumption via a crafted response to a SIP SUBSCRIBE message, aka Bug IDs CSCto93837 and CSCtj61883...

Code injection

The Presence Engine PE service in Cisco Unified Presence 6.x before 6.07 and 7.x before 7.08 does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service process failure via a malformed message, aka Bug ID...