7.8
CVE-2009-2051
- EPSS 3.44%
- Veröffentlicht 27.08.2009 17:00:00
- Zuletzt bearbeitet 16.06.2026 23:08:39
- Quelle psirt@cisco.com
- CVE-Watchlists
- Unerledigt
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Unified Communications Manager Version >= 5.0 < 5.1\(3g\)
Cisco ≫ Unified Communications Manager Version >= 6.1\(1\) < 6.1\(4\)
Cisco ≫ Unified Communications Manager Version >= 7.1 < 7.1\(2\)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.44% | 0.874 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
http://secunia.com/advisories/36499
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml
http://www.securityfocus.com/bid/36152
http://www.securitytracker.com/id?1022775
http://osvdb.org/57453
http://secunia.com/advisories/36498
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml