Lucene search

[email protected]NVD:CVE-2007-5538

HistoryOct 18, 2007 - 12:17 a.m.

CVE-2007-5538

2007-10-1800:17:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.087

Percentile

94.6%

JSON

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

Affected configurations

Nvd

Node

ciscounified_callmanagerMatch5.0

ciscounified_communications_managerRange≤5.1\(2\)

VendorProductVersionCPE
ciscounified_callmanager5.0cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*
ciscounified_communications_manager*cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	unified_callmanager	5.0	cpe:2.3:a:cisco:unified_callmanager:5.0:::::::*
cisco	unified_communications_manager	*	cpe:2.3:a:cisco:unified_communications_manager::::::::

References

osvdb.org/37940

secunia.com/advisories/27296

www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml

www.securityfocus.com/bid/26105

www.securitytracker.com/id?1018828

www.vupen.com/english/advisories/2007/3532

exchange.xforce.ibmcloud.com/vulnerabilities/37247

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.1

Confidence

High

EPSS

0.087

Percentile

94.6%

JSON

Related for NVD:CVE-2007-5538

cve1 prion1 cvelist1 cisco1