Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
Score CVSS v2.0
7.8
/ 10.0
HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Informations
- Publié
- 27 août 2009
- Mis à jour
- 23 avr. 2026
- Statut
- Modified
- Source
- psirt@cisco.com
Produits affectés
cisco unified communications manager
Versions : 5.1\(3g\), 6.1\(4\), 7.1\(2\)
cisco ios
Versions : 12.4, 15.1
cisco ios xeToutes les CVE Cisco IOS XE →
Versions : 2.6.1
Faiblesses (CWE)
NVD-CWE-Other
Références (14)
- http://osvdb.org/57453Broken Link
- http://secunia.com/advisories/36498Third Party Advisory
- http://secunia.com/advisories/36499Third Party Advisory
- http://www.securityfocus.com/bid/36152Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1022775Third Party AdvisoryVDB Entry
- http://osvdb.org/57453Broken Link
- http://secunia.com/advisories/36498Third Party Advisory
- http://secunia.com/advisories/36499Third Party Advisory
- http://www.securityfocus.com/bid/36152Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id?1022775Third Party AdvisoryVDB Entry
Surveillez vos produits
Recevez une alerte automatique à chaque nouvelle CVE affectant vos équipements.