Denial of Service Vulnerability in Microsoft Office Communications Server and Office Communicator
CVE-2008-5179

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows Live Messenger; Office Communicator; Office Communications Server
Vendor: CVE Published:; 20 November 2008

Summary

An unspecified vulnerability exists within Microsoft Office Communications Server, Office Communicator, and Windows Live Messenger, which can be exploited by remote attackers. By sending a specially crafted Real-time Transport Control Protocol (RTCP) receiver report packet, attackers can cause the targeted software to crash, resulting in a denial of service. Organizations using these products should remain aware of this vulnerability to protect their communications infrastructure.

References

http://www.voipshield.com/research-details.php?id=132

x_refsource_MISC

http://www.securityfocus.com/bid/32341

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/46670

vdb-entryx_refsource_XF

EPSS Score

30% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 20, 2008
Vulnerability Reserved
Nov 20, 2008