Page 7 of 42 results (0.013 seconds)

CVSS: 6.6EPSS: 0%CPEs: 145EXPL: 0

The su utility on Cisco Unified IP Phones 7900 devices (aka TNP phones) with software before 9.0.3 allows local users to gain privileges via unspecified vectors, aka Bug ID CSCtf07426. La utilidad 'su' en los dispositivos Cisco Unified IP Phones 7900 (también conocidos como teléfonos TNP) con el software anterior a la v9.0.3 permite a usuarios locales conseguir privilegios a través de vectores no especificados. Error también conocido Bug ID CSCtf07426. • http://osvdb.org/72717 http://secunia.com/advisories/44814 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80111.shtml http://www.securityfocus.com/bid/48074 http://www.securitytracker.com/id?1025588 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 7.1EPSS: 5%CPEs: 2EXPL: 0

Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers. Cisco Unified IP Phone (también conocido como SIP phone) 7960G y 7940G con firmware P0S3-08-9-00 y posiblemente otras versiones anteriores a v8.10 permite a atacantes remotos causar denegación de servicio (reinicio del dispositivo) o posiblemente ejecutar código de su elección mediante un paquete de Protocolo de Transporte en Tiempo Real (RTP) con cabeceras mal formadas. • http://securityreason.com/securityalert/4917 http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7960g_7940g/firmware/sip/8_10/english/release/notes/796040sip_810.html http://www.securityfocus.com/archive/1/500059/100/0/threaded http://www.securityfocus.com/bid/33264 https://exchange.xforce.ibmcloud.com/vulnerabilities/47948 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 0%CPEs: 18EXPL: 0

Heap-based buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote SIP servers to execute arbitrary code via a crafted challenge/response message. Desbordamiento de búfer basado en montículo en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a servidores SIP remotos ejecutar código de su elección mediante un mensaje de desafío/respuesta. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019411 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 10%CPEs: 18EXPL: 0

Buffer overflow in Cisco Unified IP Phone 7940, 7940G, 7960, and 7960G running SIP firmware might allow remote attackers to execute arbitrary code via a SIP message with crafted MIME data. Desbordamiento de búfer en los teléfonos Cisco Unified IP Phone 7940, 7940G, 7960 y 7960G ejecutándose en un software empotrado (firmware) SIP, puede que permita a atacantes remotos ejecutar código de su elección mediante un mensaje SIP con los datos MIME manipulados. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019409 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40492 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0

The HTTP server in Cisco Unified IP Phone 7935 and 7936 running SCCP firmware allows remote attackers to cause a denial of service (reboot) via a crafted HTTP request. El servidor HTTP en los telefonos Cisco Unified IP Phone 7935 y 7936 ejecutándose en un software empotrado (firmware) SCCP, permiten a atacantes remotos provocar una denegación de servicio (reinicio) mediante una solicitud HTTP manipulada. • http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.securityfocus.com/bid/27774 http://www.securitytracker.com/id?1019408 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/40489 • CWE-20: Improper Input Validation •