1. CVE-Search
  2. CVE-2007-4294
ID CVE-2007-4294
Summary Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.0:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.1:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 29-09-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
oval via4
accepted 2010-06-14T04:00:04.080-04:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name KASHIF LATIF
    organization DTCC
description Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102.
family ios
id oval:org.mitre.oval:def:5851
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS Session Initiation Protocol (SIP) Packet Arbitrary Code Execution Vulnerability
version 6
refmap via4
bid 25239
cisco 20070808 Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
osvdb 36693
sectrack 1018538
secunia 26362
vupen ADV-2007-2816
Last major update 29-09-2017 - 01:29
Published 09-08-2007 - 21:17
Last modified 29-09-2017 - 01:29
Back to Top