Vulnerabilities > Cisco > Unified Communications Manager > 4.2.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-10-18 | CVE-2007-5538 | Buffer Errors vulnerability in Cisco products Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | 10.0 |
2007-10-18 | CVE-2007-5537 | Resource Management Errors vulnerability in Cisco products Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. | 7.8 |
2007-08-31 | CVE-2007-4634 | SQL Injection vulnerability in Cisco Call Manager and Unified Communications Manager Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. | 9.3 |