Lucene search

K
seebugRootSSV:20241
HistoryNov 10, 2010 - 12:00 a.m.

Cisco ICM Setup Manager Agent.exe组件多个远程溢出漏洞

2010-11-1000:00:00
Root
www.seebug.org
22

0.703 High

EPSS

Percentile

97.7%

BUGTRAQ ID: 44699
CVE ID: CVE-2010-3040

Cisco Unified Intelligent Contact Management(ICM)是思科统一通信系统的一个重要组成部分,提供了一套集成功能,允许企业部署一个混合了多个通信渠道的解决方案。

Cisco ICM中的Agent.exe组件没有正确地处理HandleUpgradeAll、AgentUpgrade、 HandleQueryNodeInfoReq和HandleUpgradeTrace类型报文,远程攻击者可以通过向默认监听的TCP 40078端口发送恶意报文触发栈溢出,导致以当前用户权限执行任意代码。

Cisco Cisco Intelligent Contact Manager 6.0
Cisco Cisco Intelligent Contact Manager 5.0
厂商补丁:

Cisco

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://tools.cisco.com/security/center/viewAlert.x?alertId=21726

0.703 High

EPSS

Percentile

97.7%

Related for SSV:20241