CVSS: 6.6EPSS: 0%CPEs: 145EXPL: 0CVE-2011-1602
https://notcve.org/view.php?id=CVE-2011-1602
The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426. La utilidad 'su' en los dispositivos Cisco Unified IP Phones 7900 (también conocidos como teléfonos TNP) con el software anterior a la v9.0.3 permite a usuarios locales conseguir privilegios a través de vectores no especificados. Error también conocido Bug ID CSCtf07426. • http://osvdb.org/72717 http://secunia.com/advisories/44814 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml http://www.securityfocus.com/bid/48074 http://www.securitytracker.com/id?1025588 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.1EPSS: 5%CPEs: 2EXPL: 0CVE-2008-4444
https://notcve.org/view.php?id=CVE-2008-4444
Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. Cisco Unified IP Phone (también conocido como SIP phone) 7960G y 7940G con firmware P0S3-08-9-00 y posiblemente otras versiones anteriores a v8.10 permite a atacantes remotos causar denegación de servicio (reinicio del dispositivo) o posiblemente ejecutar código de su elección mediante un paquete de Protocolo de Transporte en Tiempo Real (RTP) con cabeceras mal formadas. • http://securityreason.com/securityalert/4917 http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7960g_7940g/firmware/sip/8_10/english/release/notes/796040sip_810.html http://www.securityfocus.com/archive/1/500059/100/0/threaded http://www.securityfocus.com/bid/33264 https://exchange.xforce.ibmcloud.com/vulnerabilities/47948 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0CVE-2008-0531
https://notcve.org/view.php?id=CVE-2008-0531
Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message. Desbordamiento de búfer basado en montículo en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a servidores SIP remotos ejecutar código de su elección mediante un mensaje de desafío/respuesta. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019411 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 10%CPEs: 18EXPL: 0CVE-2008-0528
https://notcve.org/view.php?id=CVE-2008-0528
Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data. Desbordamiento de búfer en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a atacantes remotos ejecutar código de su elección mediante un mensaje SIP con los datos MIME manipulados. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019409 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40492 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0CVE-2008-0527
https://notcve.org/view.php?id=CVE-2008-0527
The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. El servidor HTTP en los telefonos Cisco Unified IP Phone 7935 y 7936 ejecutándose en un software empotrado (firmware) SCCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante una solicitud HTTP manipulada. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019408 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40489 • CWE-20: Improper Input Validation •