4 matches found
CVE-2007-1467
The CVE-2007-1467 entry describes multiple cross-site scripting (XSS) vulnerabilities affecting Cisco Secure Access Control Server and related Cisco products. The root issue is insufficient input filtering in the search form used by PreSearch.html and PreSearch.class, allowing remote attackers to...
CVE-2012-2490
CVE-2012-2490 affects Cisco IP Communicator 8.6. An unauthenticated, remote attacker could carry out a Man-in-the-Middle attack to replace or modify the Certificate Trust List due to insufficient validation of signing certificates in the Trust List (Bug CSCtz01471). Exploitation details are not f...
CVE-2012-0361
CVE-2012-0361 affects the sccp-protocol component in Cisco IP Communicator (CIPC) versions 7.0–8.6. The issue is that it does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to cause a denial of service via vectors that trigger (1)...
CVE-2015-4240
Cisco IP Communicator 8.6(4) is affected by CVE-2015-4240. A remote attacker can cause a denial of service by sending an HTTP GET request to a specific URL, targeting the web interface; this could take the web service offline. Cisco has acknowledged the vulnerability and released software updates...