CVE Vulnerability

CVE-2007-5538

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

10 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml
http://www.securityfocus.com/bid/26105
http://www.securitytracker.com/id?1018828
http://secunia.com/advisories/27296
http://osvdb.org/37940
http://www.vupen.com/english/advisories/2007/3532
https://exchange.xforce.ibmcloud.com/vulnerabilities/37247
Configurations

Configuration 1

cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*
Information

Published : 2007-10-18 12:17

Updated : 2017-07-29 01:33

NVD link : CVE-2007-5538

Mitre link : CVE-2007-5538

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer