Stack-based Buffer Overflow in Avaya Aura Application Server 5300
CVE-2011-5096

Currently unrated

Key Information:

Vendor: Avaya
Status: Aura Application Server 5300
Vendor: CVE Published:; 3 July 2012

What is CVE-2011-5096?

A stack-based buffer overflow vulnerability exists in the cstore.exe component of the Avaya Aura Application Server 5300, which could allow remote attackers to execute arbitrary code. This vulnerability is triggered through a maliciously crafted 'cs_anams' parameter within a CONTENT_STORE_ADMIN_REQ packet. Affected versions include 1.x prior to 1.0.2 and 2.0 before Patch Bundle 10. It is crucial for users to apply the recommended patches to mitigate potential exploitation.

References

https://downloads.avaya.com/css/P8/documents/100146108

x_refsource_CONFIRM

http://zerodayinitiative.com/advisories/ZDI-11-260/

x_refsource_MISC

EPSS Score

11% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Jul 3, 2012