Vulnerabilities > Cisco > IOS > 12.2.25.s10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-10-03 | CVE-2011-3279 | Unspecified vulnerability in Cisco IOS and IOS XE The provider-edge MPLS NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload) via a malformed SIP packet to UDP port 5060, aka Bug ID CSCti98219. | 7.8 |
2011-10-03 | CVE-2011-0946 | Unspecified vulnerability in Cisco IOS and IOS XE The NAT implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 3.1.xSG, allows remote attackers to cause a denial of service (device reload or hang) via malformed NetMeeting Directory (aka Internet Locator Service or ILS) LDAP traffic, aka Bug ID CSCtd10712. | 7.8 |
2011-01-07 | CVE-2010-4687 | Improper Input Validation vulnerability in Cisco IOS STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. | 5.0 |
2011-01-07 | CVE-2010-4686 | Resource Exhaustion vulnerability in Cisco IOS CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic that contains rate bursts and a "peculiar" request size, which allows remote attackers to cause a denial of service (memory consumption) by sending this traffic over a long duration, aka Bug ID CSCtb47950. | 7.8 |
2011-01-07 | CVE-2010-4685 | Improper Certificate Validation vulnerability in Cisco IOS Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, which allows remote authenticated users to bypass a certificate ban by connecting with a banned certificate that had previously been valid, aka Bug ID CSCta79031. | 4.0 |
2011-01-07 | CVE-2010-4684 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. | 7.1 |
2011-01-07 | CVE-2010-4683 | Missing Release of Resource After Effective Lifetime vulnerability in Cisco IOS Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733. | 7.8 |
2011-01-07 | CVE-2009-5040 | Resource Management Errors vulnerability in Cisco IOS CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. | 6.8 |
2011-01-07 | CVE-2009-5039 | Missing Release of Resource After Effective Lifetime vulnerability in Cisco IOS Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. | 5.0 |
2011-01-07 | CVE-2009-5038 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. | 7.8 |