CVSS: 10.0EPSS: 62%CPEs: 9EXPL: 0CVE-2008-0027
https://notcve.org/view.php?id=CVE-2008-0027
17 Jan 2008 — Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. Desbordamiento de búfer basado en pila en el servicio proveedor de Listas de Certificados Confiables (CTL, Certificate Trust List) (CTLProvider.exe) en Cisco Unified Communic... • http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 9%CPEs: 6EXPL: 0CVE-2006-5278
https://notcve.org/view.php?id=CVE-2006-5278
15 Jul 2007 — Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permi... • http://secunia.com/advisories/26043 •
CVSS: 9.8EPSS: 5%CPEs: 6EXPL: 0CVE-2006-5277
https://notcve.org/view.php?id=CVE-2006-5277
15 Jul 2007 — Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. Error de superación de límite (off-by-one) en el servicio Certificate Trust List (CTL) Provider (CTLProvider.exe) de Cisco Unified Communications Manager (CUCM, anteriormente CallManager) anterior al 11/07/2007 permite a atac... • http://secunia.com/advisories/26043 •
CVSS: 7.5EPSS: 2%CPEs: 25EXPL: 0CVE-2007-1833
https://notcve.org/view.php?id=CVE-2007-1833
03 Apr 2007 — The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. La implementación del protocolo Skinny Call Control (SCCP) para el Cisco Unified CallManager (CUCM) 3.3 anterior al 3.3(5)SR2a, 4.1 anterior al 4.1(3)SR4, 4.2 anterio... • http://secunia.com/advisories/24665 •