CVE-2007-1490

Currently unrated

Key Information:

Vendor: Avaya
Status: Communication Manager
Vendor: CVE Published:; 16 March 2007

Summary

Unspecified maintenance web pages in Avaya S87XX, S8500, and S8300 before CM 3.1.3, and Avaya SES allow remote authenticated users to execute arbitrary commands via shell metacharacters in unspecified vectors (aka "shell command injection").

References

http://secunia.com/advisories/24434

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/33300

vdb-entryx_refsource_OSVDB

http://support.avaya.com/elmodocs2/security/ASA-2007-052.htm

x_refsource_CONFIRM

Timeline

Vulnerability published
Mar 16, 2007
Vulnerability Reserved
Mar 16, 2007