Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Unified Communications Manager Express缓冲区溢出漏洞
Vulnerability Description
Cisco Unified Communications Manager Express(CME)是美国思科公司的产品,集成于Cisco IOS的增强型IP电话解决方案的呼叫处理组件。 Cisco Unified CME的Extension Mobility功能的登录部分存在缓冲区溢出漏洞,允许未经认证的攻击者执行任意代码或导致拒绝服务。仅可从已注册的电话IP地址以HTTP请求的方式发送攻击报文。如果启用了自动注册功能(默认),攻击者就可以注册IP地址然后发送特制的负载来利用这个漏洞。
CVSS Information
N/A
Vulnerability Type
N/A