CVE Vulnerabilities

CVE-2006-5278

Published: Jul 15, 2007 | Modified: Aug 01, 2019
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.

Affected Software

Name Vendor Start Version End Version
Unified_callmanager Cisco 5.0 5.0
Unified_callmanager Cisco 3.3 3.3(5)sr2
Unified_callmanager Cisco 4.1 4.1(3)sr4
Unified_callmanager Cisco 4.2 4.2(3)sr1
Unified_communications_manager Cisco 4.3 4.3(1)
Unified_callmanager Cisco 5.1 5.1(2)

References