CVE-2009-2865

Sažetak

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.

Reference

http://osvdb.org/58335
http://tools.cisco.com/security/center/viewAlert.x?alertId=18884
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8116.shtml
http://www.securityfocus.com/bid/36498
http://www.securitytracker.com/id?1022932
http://www.vupen.com/english/advisories/2009/2758
https://exchange.xforce.ibmcloud.com/vulnerabilities/53448

CVSS

Base:	7.6
Impact:	10.0
Exploitability:	4.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

17-08-2017 - 01:30

Objavljeno

28-09-2009 - 19:30