Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5538

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5538
Last Modified 07 Mar 2011 10:00:52
Published 17 Oct 2007 08:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5538

Summary

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

Vulnerable Systems

Application

  • Cisco Unified Callmanager 5.0

  • Cisco Unified Communications Manager 5.1%282%29


References

VUPEN - ADV-2007-3532

CISCO - 20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities

OSVDB - 37940

XF - cucm-tftp-filename-bo(37247)

SECTRACK - 1018828

BID - 26105

SECUNIA - 27296


Last Updated: 27 May 2016 10:46:12