Buffer Overflow in Cisco Unified CallManager Affects VoIP Communications
CVE-2006-3594

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Callmanager
Vendor: CVE Published:; 18 July 2006

What is CVE-2006-3594?

A buffer overflow vulnerability exists in Cisco Unified CallManager versions 5.0(1) through 5.0(3a), enabling remote attackers to execute arbitrary code by crafting a long hostname in a SIP request. This flaw could compromise VoIP communications and potentially allow unauthorized access to the system, posing significant risks.

References

http://securitytracker.com/id?1016475

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/18952

vdb-entryx_refsource_BID

http://www.osvdb.org/27162

vdb-entryx_refsource_OSVDB

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2006
Vulnerability Reserved
Jul 14, 2006