| Vulnerability Name: | CVE-2005-2244 (CCN-19053) | ||||||||
| Assigned: | 2005-07-12 | ||||||||
| Published: | 2005-07-12 | ||||||||
| Updated: | 2017-07-11 | ||||||||
| Summary: | The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow. | ||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
| ||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||
| References: | Source: MITRE Type: CNA CVE-2005-2244 Source: CCN Type: Cisco CallManager Web page Introduction Source: CCN Type: cisco-sa-20050712-ccm Cisco Security Advisory: Cisco CallManager Memory Handling Vulnerabilities Source: CISCO Type: Patch, Vendor Advisory 20050712 Cisco CallManager Memory Handling Vulnerabilities Source: CCN Type: OSVDB ID: 17849 Cisco CallManager aupair Service Remote Overflow Source: BID Type: UNKNOWN 14255 Source: CCN Type: BID-14255 Cisco CallManager AUPair Service Remote Heap Buffer Overflow Vulnerability Source: CCN Type: BID-16295 Cisco CallManager Multiple Remote Denial Of Service Vulnerabilities Source: XF Type: UNKNOWN malloc-return-value-dos(19053) Source: XF Type: UNKNOWN malloc-return-value-dos(19053) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||