CVSS: 7.6EPSS: 0%CPEs: 14EXPL: 0CVE-2013-1168
https://notcve.org/view.php?id=CVE-2013-1168
11 Apr 2013 — The web server in Cisco Unified MeetingPlace Application Server 7.x before 7.1MR1 Patch 2, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 Patch 1 does not invalidate a session upon a logout action, which makes it easier for remote attackers to hijack sessions by leveraging knowledge of a session cookie, aka Bug ID CSCuc64885. El servidor web de Cisco Unified MeetingPlace Application Server v7.x antes de v7.1MR1 revisión 2, v8.0 antes de v8.0MR1 revisión 1, y v8.5 antes de v8.5MR3 revisión 1 no invalida un... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130410-mp •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2012-5416
https://notcve.org/view.php?id=CVE-2012-5416
02 Nov 2012 — Buffer overflow in Cisco Unified MeetingPlace Web Conferencing before 7.1MR1 Patch 1, 8.0 before 8.0MR1 Patch 1, and 8.5 before 8.5MR3 allows remote attackers to cause a denial of service (daemon hang) via unspecified parameters in a POST request, aka Bug ID CSCua66341. Desbordamiento de búfer en Cisco Unified MeetingPlace Web Conferencing antes de v7.1MR1 Patch 1, v8.0 antes de v8.0MR1 Patch 1, y v8.5 antes de v8.5MR3, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a tr... • http://osvdb.org/86859 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •