CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-3935
https://notcve.org/view.php?id=CVE-2012-3935
12 Sep 2012 — Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832. Cisco Unified Presence (CUP) antes de v8.6 (3) y Jabber Extensible Communications Platform (también conocido como Jabber XCP) antes de v5.3, permite a atacantes remotos provocar una denegación de servicio (caída del proceso) a través de una cabecera XMPP modificada, tam... • http://osvdb.org/85421 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3288
https://notcve.org/view.php?id=CVE-2011-3288
06 Oct 2011 — Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564. Cisco Unified Presence antes de su versión v8.5(4) no detecta correctamente la recursividad durante la expansión de la entidad, lo que permite a atacante... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 0CVE-2009-2874
https://notcve.org/view.php?id=CVE-2009-2874
16 Oct 2009 — The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662. El proceso TimesTenD en Cisco Unified Presence v1.x, v6.x anterior a v6.0(6), y v7.x anterior a v7.0(4), permite a atacantes remotos causar una denegación de servicio (cuelgue de proceso) a través de un gran número de conexiones TCP a los puertos 16200 y 22794, ... • http://secunia.com/advisories/37039 •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2008-1158
https://notcve.org/view.php?id=CVE-2008-1158
16 May 2008 — The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164. El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de paquetes malformados, también conocido como Bug ID CSCsh50164. • http://secunia.com/advisories/30240 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1740
https://notcve.org/view.php?id=CVE-2008-1740
16 May 2008 — The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972. El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de "pruebas de estrés" sin especificar, también conocido como Bug ID CSCsh20972. • http://secunia.com/advisories/30240 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1741
https://notcve.org/view.php?id=CVE-2008-1741
16 May 2008 — The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533. El servicio SIP Proxy (SIPD) de Cisco Unified Presence versiones anteriores a 6.0(3) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de un escaneo del puerto TCP, también conocido como Bug ID CSCsj64533 • http://secunia.com/advisories/30269 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0CVE-2008-1154
https://notcve.org/view.php?id=CVE-2008-1154
04 Apr 2008 — The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communicat... • http://secunia.com/advisories/29670 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 1%CPEs: 7EXPL: 0CVE-2007-3775
https://notcve.org/view.php?id=CVE-2007-3775
15 Jul 2007 — Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. Vulnerabilidad no especificada en Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permite a atacantes remotos provocar una denegación de servicio (pérdida de servicios de clúster) med... • http://secunia.com/advisories/26039 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2007-3776
https://notcve.org/view.php?id=CVE-2007-3776
15 Jul 2007 — Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permiten a atacantes remotos obtener información sensible a través de vectores sin especificar que revelan las cadenas de c... • http://osvdb.org/36124 •
CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2007-1834
https://notcve.org/view.php?id=CVE-2007-1834
03 Apr 2007 — Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegación de servicio (pérdida de servicios de voz) mediante una inundación de peticiones de eco ICMP... • http://secunia.com/advisories/24690 •