CVSS: 10.0EPSS: 5%CPEs: 6EXPL: 0CVE-2006-5278
https://notcve.org/view.php?id=CVE-2006-5278
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permite a atacantes remotos ejecutar código de su elección mediante paquetes manipulados, resultando en un desbordamiento de búfer basado en montículo. • http://secunia.com/advisories/26043 http://securitytracker.com/id?1018369 http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml http://www.iss.net/threats/271.html http://www.osvdb.org/36121 http://www.securityfocus.com/bid/24868 http://www.vupen.com/english/advisories/2007/2512 https://exchange.xforce.ibmcloud.com/vulnerabilities/19057 •
CVSS: 7.8EPSS: 3%CPEs: 7EXPL: 0CVE-2007-3775
https://notcve.org/view.php?id=CVE-2007-3775
Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. Vulnerabilidad no especificada en Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permite a atacantes remotos provocar una denegación de servicio (pérdida de servicios de clúster) mediante vectores no especificados, también conocido como (1) CSCsj09859 y (2) CSCsj19985. • http://secunia.com/advisories/26039 http://securitytracker.com/id?1018368 http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml http://www.osvdb.org/36123 http://www.securityfocus.com/bid/24867 http://www.vupen.com/english/advisories/2007/2511 https://exchange.xforce.ibmcloud.com/vulnerabilities/35341 •
CVSS: 5.0EPSS: 1%CPEs: 7EXPL: 0CVE-2007-3776
https://notcve.org/view.php?id=CVE-2007-3776
Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. Cisco Unified Communications Manager (CUCM, antiguamente CallManager) y Unified Presence Server (CUPS) permiten a atacantes remotos obtener información sensible a través de vectores sin especificar que revelan las cadenas de comunidad SNMP y las opciones de configuración, también conocido como (1) CSCsj20668 y (2) CSCsj25962. • http://osvdb.org/36124 http://secunia.com/advisories/26039 http://securitytracker.com/id?1018368 http://www.cisco.com/warp/public/707/cisco-sa-20070711-voip.shtml http://www.securityfocus.com/bid/24867 http://www.vupen.com/english/advisories/2007/2511 https://exchange.xforce.ibmcloud.com/vulnerabilities/35344 •
CVSS: 9.3EPSS: 6%CPEs: 6EXPL: 0CVE-2006-5277
https://notcve.org/view.php?id=CVE-2006-5277
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. Error de superación de límite (off-by-one) en el servicio Certificate Trust List (CTL) Provider (CTLProvider.exe) de Cisco Unified Communications Manager (CUCM, anteriormente CallManager) anterior al 11/07/2007 permite a atacantes remotos ejecutar código de su elección mediante un paquete manipulado que dispara un desbordamiento de búfer basado en montículo. • http://secunia.com/advisories/26043 http://securitytracker.com/id?1018369 http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml http://www.iss.net/threats/270.html http://www.osvdb.org/36122 http://www.securityfocus.com/bid/24868 http://www.vupen.com/english/advisories/2007/2512 https://exchange.xforce.ibmcloud.com/vulnerabilities/31437 •