CVE-2007-5538

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Communications Manager; Unified Callmanager
Vendor: CVE Published:; 18 October 2007

Summary

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

References

http://www.securityfocus.com/bid/26105

vdb-entryx_refsource_BID

http://osvdb.org/37940

vdb-entryx_refsource_OSVDB

http://www.vupen.com/english/advisories/2007/3532

vdb-entryx_refsource_VUPEN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 18, 2007
Vulnerability Reserved
Oct 17, 2007