CVE-2014-0658
- EPSS 1.75%
- Published 10.01.2014 16:47:06
- Last modified 11.04.2025 00:51:21
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898.
CVE-2013-6685
- EPSS 0.06%
- Published 13.11.2013 15:55:04
- Last modified 11.04.2025 00:51:21
The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382.
- EPSS 0.81%
- Published 11.10.2013 03:54:53
- Last modified 11.04.2025 00:51:21
Buffer overflow in the web-application interface on Cisco 9900 IP phones allows remote attackers to cause a denial of service (webapp interface outage) via long values in unspecified fields, aka Bug ID CSCuh10343.
- EPSS 0.26%
- Published 11.10.2013 03:54:53
- Last modified 11.04.2025 00:51:21
The image-upgrade functionality on Cisco 9900 Unified IP phones allows local users to gain privileges by placing shell commands in an unspecified parameter, aka Bug ID CSCuh10334.
CVE-2013-5526
- EPSS 0.77%
- Published 10.10.2013 10:55:06
- Last modified 11.04.2025 00:51:21
Cisco 9900 fourth-generation IP phones do not properly perform SDP negotiation, which allows remote attackers to cause a denial of service (device reboot) via crafted SDP packets, aka Bug ID CSCuf06698.
- EPSS 0.38%
- Published 18.07.2013 12:51:14
- Last modified 11.04.2025 00:51:21
The Serviceability servlet on Cisco 9900 IP phones does not properly restrict paths, which allows remote attackers to read arbitrary files by specifying a pathname in a file request, aka Bug ID CSCuh52810.