CVSS: 6.8EPSS: 0%CPEs: 156EXPL: 0CVE-2012-5445
https://notcve.org/view.php?id=CVE-2012-5445
The kernel in Cisco Native Unix (CNU) on Cisco Unified IP Phone 7900 series devices (aka TNP phones) with software before 9.3.1-ES10 does not properly validate unspecified system calls, which allows attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a crafted binary. El kernel en Cisco Native Unix (CNU) en los dispositivos Cisco Unified IP Phone 7900 series (también conocidos como teléfonos TNP) con software antes de v9.3.1-ES10 no valida correctamente algunas llamadas no especificados sistema, lo que permite a los atacantes ejecutar código de su elección o causar una denegación de servicio (sobrescritura de memoria) a través de un binario diseñado para tal fin. • http://events.ccc.de/congress/2012/Fahrplan/events/5400.en.html http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-uipphone • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 18EXPL: 0CVE-2008-0526
https://notcve.org/view.php?id=CVE-2008-0526
Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a long ICMP echo request (ping) packet. Los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en software empotrado (firmware) SCCP permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante un paquete de petición de eco ICMP (ping) grande. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019407 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40487 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2008-0527
https://notcve.org/view.php?id=CVE-2008-0527
The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. El servidor HTTP en los telefonos Cisco Unified IP Phone 7935 y 7936 ejecutándose en un software empotrado (firmware) SCCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante una solicitud HTTP manipulada. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019408 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40489 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 10%CPEs: 18EXPL: 0CVE-2008-0528
https://notcve.org/view.php?id=CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data. Desbordamiento de búfer en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a atacantes remotos ejecutar código de su elección mediante un mensaje SIP con los datos MIME manipulados. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019409 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40492 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 8%CPEs: 18EXPL: 0CVE-2008-0529
https://notcve.org/view.php?id=CVE-2008-0529
Buffer overflow in the telnet server in Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, and 7971G running SCCP firmware might allow remote authenticated users to execute arbitrary code via a crafted command. Desbordamiento de búfer en el servidor de telnet de Cisco Unified IP Phone 7906G, 7911G, 7941G, 7961G, 7970G, y 7971G ejecutándose en un software empotrado (firmware) SCCP, puede que permita a usuarios autenticados remotamente ejecutar código de su elección mediante un comando manipulado. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019410 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40493 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •