CVE-2015-0602
https://notcve.org/view.php?id=CVE-2015-0602
The mobility extension on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to obtain sensitive information by sniffing the network, aka Bug ID CSCuq12117. La extensión de movilidad en los teléfonos Cisco Unified IP 9900 con firmware 9.4(.1) y anteriores permite a atacantes remotos obtener información sensible mediante la captura de trafico de la red, también conocido como Bug ID CSCuq12117. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0602 http://tools.cisco.com/security/center/viewAlert.x?alertId=37342 http://www.securityfocus.com/bid/72482 https://exchange.xforce.ibmcloud.com/vulnerabilities/100615 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-0603
https://notcve.org/view.php?id=CVE-2015-0603
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier use weak permissions for unspecified files, which allows local users to cause a denial of service (persistent hang or reboot) by writing to a phone's filesystem, aka Bug ID CSCup90474. Los teléfonos Cisco Unified IP 9900 con firmware 9.4(.1) y anteriores utilizan permisos débiles para ficheros no especificados, lo que permite a usuarios locales causar una denegación de servicio (cuelgue persistente o reinicio) mediante la escritura al sistema de ficheros de un teléfono, también conocido como Bug ID CSCup90474. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0603 http://tools.cisco.com/security/center/viewAlert.x?alertId=37345 http://www.securityfocus.com/bid/72484 https://exchange.xforce.ibmcloud.com/vulnerabilities/100619 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2015-0604
https://notcve.org/view.php?id=CVE-2015-0604
The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424. El Framework web en los teléfonos Cisco Unified IP 9900 con firmware 9.4(.1) y anteriores permite a atacantes remotos subir ficheros a localizaciones arbitrarias al sistema de ficheros de un teléfono a través de solicitudes HTTP manipuladas, también conocido como Bug ID CSCup90424. • http://secunia.com/advisories/62761 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0604 http://tools.cisco.com/security/center/viewAlert.x?alertId=37346 http://www.securityfocus.com/bid/72485 https://exchange.xforce.ibmcloud.com/vulnerabilities/100620 • CWE-20: Improper Input Validation •
CVE-2015-0601
https://notcve.org/view.php?id=CVE-2015-0601
Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790. Los teléfonos Cisco Unified IP 9900 con firmware 9.4(.1) y anteriores permiten a usuarios locales causar una denegación de servicio (recarga del dispositivo) a través de comandos manipulados, también conocido como Bug ID CSCup92790. • http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0601 http://tools.cisco.com/security/center/viewAlert.x?alertId=37344 http://www.securityfocus.com/bid/72483 https://exchange.xforce.ibmcloud.com/vulnerabilities/100617 • CWE-20: Improper Input Validation •
CVE-2014-0658
https://notcve.org/view.php?id=CVE-2014-0658
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. Los teléfonos Ip Cisco 9900 Unified permiten a atacantes remotos causar uan denegación de servicio (unregistration) a través de una cabecera SIP manipulada, tambien conocido como Bug ID CSCul24898. • http://osvdb.org/101913 http://secunia.com/advisories/56384 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0658 http://tools.cisco.com/security/center/viewAlert.x?alertId=32402 http://www.securityfocus.com/bid/64770 http://www.securitytracker.com/id/1029596 https://exchange.xforce.ibmcloud.com/vulnerabilities/90236 • CWE-20: Improper Input Validation •