Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
avaya call management system vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-3527
A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to ...
Avaya Call Management System
4.4
CVSSv3
CVE-2018-15615
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
Avaya Call Management System Supervisor 17.0.0
Avaya Call Management System Supervisor 18.0.2.0
Avaya Call Management System Supervisor 18.0.1.0
NA
CVE-2011-1229
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a...
Microsoft Windows Xp -
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2008 -
Microsoft Windows 7 -
Microsoft Windows 2003 Server -
Microsoft Windows Vista -
Microsoft Windows Server 2003 -
Avaya Integrated Management
Avaya Meeting Exchange
Avaya Aura Conferencing Standard Edition 6.0.0
Avaya Communication Server 1000 Telephony Manager
Avaya Callpilot
Avaya Messaging Application Server
Avaya Web Messenger
Avaya Visual Vector Client
Avaya Unified Communication Center
Avaya Speech Access
Avaya Outbound Contact Management
Avaya Operational Analyst
Avaya Network Reporting
Avaya Ip Softphone
Avaya Ip Agent
NA
CVE-2004-1307
Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote malicious users to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a ...
Avaya Interactive Response 1.2.1
Libtiff Libtiff 3.6.1
Conectiva Linux 9.0
Sgi Propack 3.0
Avaya Call Management System Server 8.0
F5 Icontrol Service Manager 1.3.5
Avaya Integrated Management
Avaya Interactive Response 1.3
Avaya Call Management System Server 13.0
Libtiff Libtiff 3.4
F5 Icontrol Service Manager 1.3.4
Libtiff Libtiff 3.5.7
Libtiff Libtiff 3.7.0
Avaya Intuity Audix Lx
Libtiff Libtiff 3.6.0
Libtiff Libtiff 3.5.3
Libtiff Libtiff 3.5.4
Libtiff Libtiff 3.5.2
Avaya Call Management System Server 9.0
Avaya Cvlan
Avaya Interactive Response
Libtiff Libtiff 3.5.5
7.5
CVSSv3
CVE-2004-0079
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
NA
CVE-2004-0081
OpenSSL 0.9.6 prior to 0.9.6d does not properly handle unknown message types, which allows remote malicious users to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
NA
CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshak...
Cisco Firewall Services Module
Symantec Clientless Vpn Gateway 4400 5.0
Hp Apache-based Web Server 2.0.43.00
Cisco Firewall Services Module 1.1.3
Cisco Firewall Services Module 1.1.2
Hp Aaa Server
Cisco Firewall Services Module 1.1 (3.005)
Hp Apache-based Web Server 2.0.43.04
Cisco Firewall Services Module 2.1 (0.208)
Avaya Sg203 4.4
Hp Hp-ux 11.11
Redhat Enterprise Linux Desktop 3.0
Hp Hp-ux 11.23
Cisco Ciscoworks Common Management Foundation 2.1
Freebsd Freebsd 5.1
Avaya Sg208 4.4
Redhat Enterprise Linux 3.0
Avaya Sg200 4.4
Avaya Sg5 4.4
Redhat Linux 7.2
Cisco Ciscoworks Common Services 2.2
Openbsd Openbsd 3.3
NA
CVE-2004-0800
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
Sun Dtmail
Avaya Call Management System Server 9.0
Avaya Call Management System Server 11.0
Avaya Call Management System Server 12.0
Sun Sunos 5.8
Sun Solaris 9.0
Sun Solaris 8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3080
log injection
CVE-2024-6041
CVE-2024-37661
XML external entity
CVE-2024-0845
privilege escalation
CVE-2023-37057
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started