Denial of Service Vulnerability in Microsoft Communicator and Office 2010 Beta
CVE-2008-5180

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Communicator
Vendor: CVE Published:; 20 November 2008

Summary

A vulnerability in Microsoft Communicator and the beta version of Microsoft Office 2010 allows remote attackers to exploit the system by sending a large volume of SIP INVITE requests. This overwhelming influx of requests can lead to significant memory consumption, triggering the creation of multiple sessions, effectively causing a denial of service. As a consequence, legitimate users may experience disruptions in communication services. Organizations utilizing these products should be aware of this vulnerability and implement necessary measures to mitigate potential attacks.

References

https://www.exploit-db.com/exploits/7262

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/39221

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/46673

vdb-entryx_refsource_XF

EPSS Score

84% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 20, 2008
Vulnerability Reserved
Nov 20, 2008