Denial of Service in Cisco Unified Personal Communicator 7.0
CVE-2010-3048

7.5HIGH

Key Information:

Vendor: Cisco
Status: Unified Personal Communicator
Vendor: CVE Published:; 16 January 2020

Summary

The vulnerability in Cisco Unified Personal Communicator 7.0 results from improper memory management, specifically failing to release allocated memory for received data and lacking validation of successful memory allocation. This oversight may allow attackers to exploit the service, leading to a denial of service condition that can disrupt communication functionality.

Affected Version(s)

Unified Personal Communicator 7.0 (1.13056)

References

http://www.fuzzmyapp.com/advisories/FMA-2010-002/FMA-2010...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 16, 2020
Vulnerability Reserved
Aug 17, 2010