Vulnerabilities > Cisco > IOS > 12.2mc
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2011-01-07 | CVE-2010-4684 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. | 7.1 |
2011-01-07 | CVE-2010-4683 | Missing Release of Resource After Effective Lifetime vulnerability in Cisco IOS Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service (memory consumption) by sending a crafted SIP REGISTER message over UDP, aka Bug ID CSCtg41733. | 7.8 |
2011-01-07 | CVE-2009-5040 | Resource Management Errors vulnerability in Cisco IOS CallManager Express (CME) on Cisco IOS before 15.0(1)XA allows remote authenticated users to cause a denial of service (device crash) by using an extension mobility (EM) phone to interact with the menu for SNR number changes, aka Bug ID CSCta63555. | 6.8 |
2011-01-07 | CVE-2009-5039 | Missing Release of Resource After Effective Lifetime vulnerability in Cisco IOS Memory leak in the gk_circuit_info_do_in_acf function in the H.323 implementation in Cisco IOS before 15.0(1)XA allows remote attackers to cause a denial of service (memory consumption) via a large number of calls over a long duration, as demonstrated by InterZone Clear Token (IZCT) test traffic, aka Bug ID CSCsz72535. | 5.0 |
2011-01-07 | CVE-2009-5038 | Improper Input Validation vulnerability in Cisco IOS Cisco IOS before 15.0(1)XA does not properly handle IRC traffic during a specific time period after an initial reload, which allows remote attackers to cause a denial of service (device reload) via an attempted connection to a certain IRC server, related to a "corrupted magic value," aka Bug ID CSCso05336. | 7.8 |
2011-01-07 | CVE-2010-4671 | Resource Exhaustion vulnerability in Cisco IOS The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5 allows remote attackers to cause a denial of service (CPU consumption and device hang) by sending many Router Advertisement (RA) messages with different source addresses, as demonstrated by the flood_router6 program in the thc-ipv6 package, aka Bug ID CSCti33534. | 7.8 |
2010-03-25 | CVE-2010-0586 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability." | 7.8 |
2010-03-25 | CVE-2010-0585 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability." | 7.8 |
2010-03-25 | CVE-2010-0582 | Unspecified vulnerability in Cisco IOS Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. | 7.8 |
2010-03-25 | CVE-2010-0577 | Resource Management Errors vulnerability in Cisco IOS Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. | 7.1 |