CVSS: 7.8EPSS: 0%CPEs: 33EXPL: 0CVE-2012-3935
https://notcve.org/view.php?id=CVE-2012-3935
12 Sep 2012 — Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832. Cisco Unified Presence (CUP) antes de v8.6 (3) y Jabber Extensible Communications Platform (también conocido como Jabber XCP) antes de v5.3, permite a atacantes remotos provocar una denegación de servicio (caída del proceso) a través de una cabecera XMPP modificada, tam... • http://osvdb.org/85421 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2011-3288
https://notcve.org/view.php?id=CVE-2011-3288
06 Oct 2011 — Cisco Unified Presence before 8.5(4) does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory and CPU consumption, and process crash) via a crafted XML document containing a large number of nested entity references, aka Bug IDs CSCtq89842 and CSCtq88547, a similar issue to CVE-2003-1564. Cisco Unified Presence antes de su versión v8.5(4) no detecta correctamente la recursividad durante la expansión de la entidad, lo que permite a atacante... • http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d47.shtml • CWE-776: Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion') •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2008-1158
https://notcve.org/view.php?id=CVE-2008-1158
16 May 2008 — The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via malformed packets, aka Bug ID CSCsh50164. El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de paquetes malformados, también conocido como Bug ID CSCsh50164. • http://secunia.com/advisories/30240 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1740
https://notcve.org/view.php?id=CVE-2008-1740
16 May 2008 — The Presence Engine (PE) service in Cisco Unified Presence before 6.0(1) allows remote attackers to cause a denial of service (core dump and service interruption) via an unspecified "stress test," aka Bug ID CSCsh20972. El servicio Presence Engine (PE) de Cisco Unified Presence versiones anteriores a 6.0(1) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de "pruebas de estrés" sin especificar, también conocido como Bug ID CSCsh20972. • http://secunia.com/advisories/30240 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1741
https://notcve.org/view.php?id=CVE-2008-1741
16 May 2008 — The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533. El servicio SIP Proxy (SIPD) de Cisco Unified Presence versiones anteriores a 6.0(3) permite a atacantes remotos provocar una denegación de servicio (core dump e interrupción del servicio) a través de un escaneo del puerto TCP, también conocido como Bug ID CSCsj64533 • http://secunia.com/advisories/30269 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 5%CPEs: 8EXPL: 0CVE-2008-1154
https://notcve.org/view.php?id=CVE-2008-1154
04 Apr 2008 — The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communicat... • http://secunia.com/advisories/29670 • CWE-287: Improper Authentication •