2 results (0.012 seconds)

CVSS: 9.0EPSS: 1%CPEs: 9EXPL: 3

Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process crash) or possibly execute arbitrary code via a long location parameter to the getxml program, aka Bug ID CSCtq46496. Desbordamiento de búfer en el componente cuil de Cisco TelePresence System Integrator de la Serie C 4.x antes de TC4.2.0, permite a usuarios autenticados remotamente provocar una denegación de servicio (reinicio de punto final o caída del proceso) o posiblemente ejecutar código de su elección a través de un parámetro location largo en el programa GetXml, también conocido como Bug ID CSCtq46496. Cisco TelePresensce Series suffers from client-side code execution, denial of service, cookie theft, loss of confidentiality, and impersonation vulnerabilities. • https://www.exploit-db.com/exploits/17871 http://secunia.com/advisories/46057 http://secunia.com/advisories/46109 http://securityreason.com/securityalert/8393 http://securitytracker.com/id?1026072 http://www.exploit-db.com/exploits/17871 http://www.securityfocus.com/archive/1/519698/100/0/threaded http://www.securityfocus.com/bid/49670 https://exchange.xforce.ibmcloud.com/vulnerabilities/69907 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 3%CPEs: 19EXPL: 2

Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500. Una vulnerabilidad no especificada en TelePresence C Series Endpoints de Cisco, unidades E/EX Personal Video, y MXP Series Codecs, cuando se utilizan las versiones de software anterior a versiones 4.0.0 o F9.1 del TC, permite a los atacantes remotos causar una denegación de servicio (bloqueo) por medio de un paquete SIP diseñado al puerto 5060 o 5061, también se conoce como Bug ID CSCtq46500. Cisco TelePresensce Series suffers from client-side code execution, denial of service, cookie theft, loss of confidentiality, and impersonation vulnerabilities. • https://www.exploit-db.com/exploits/17871 http://securityreason.com/securityalert/8387 http://securityreason.com/securityalert/8389 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b91395.shtml http://www.exploit-db.com/exploits/17871 http://www.securityfocus.com/archive/1/519698/100/0/threaded http://www.securityfocus.com/bid/49392 http://www.securitytracker.com/id?1025994 https://exchange.xforce.ibmcloud.com/vulnerabilities/69513 •