avaya call management system vulnerabilities and exploits

(subscribe to this query)

A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.

Avaya Call Management System Supervisor Avaya Call Management System Supervisor 17.0.0 Avaya Call Management System Supervisor 18.0.1.0 Avaya Call Management System Supervisor 18.0.2.0

A CSV injection vulnerability was found in the Avaya Call Management System (CMS) Supervisor web application which allows a user with administrative privileges to input crafted data which, when exported to a CSV file, may attempt arbitrary command execution on the system used to ...

Avaya Avaya Call Management System Avaya Call Management System

Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.

Avaya Call Management System Server 9.0 Avaya Call Management System Server 11.0 Avaya Call Management System Server 12.0 Sun Dtmail Sun Solaris 8.0 Sun Solaris 9.0 Sun Sunos 5.8

An improper input validation discovered in Avaya Call Management System could allow an unauthorized remote command via a specially crafted web request. Affected versions include 18.x, 19.x before 19.2.0.7, and 20.x before 20.0.1.0.

Avaya Avaya Call Management System

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a...

Microsoft Windows 2003 Server -Microsoft Windows 7 -Microsoft Windows Server 2003 -Microsoft Windows Server 2008 -Microsoft Windows Server 2008 R2 Microsoft Windows Vista -Microsoft Windows Xp -Avaya Agent Access Avaya Aura Conferencing Standard Edition 6.0.0 Avaya Basic Call Management System Reporting Desktop Avaya Call Management Server Supervisor Avaya Callpilot

Integer overflow in the TIFFFetchStripThing function in tif_dirread.c for libtiff 3.6.1 allows remote malicious users to execute arbitrary code via a TIFF file with the STRIPOFFSETS flag and a large number of strips, which causes a zero byte buffer to be allocated and leads to a ...

Avaya Call Management System Server 8.0 Avaya Call Management System Server 9.0 Avaya Call Management System Server 11.0 Avaya Call Management System Server 12.0 Avaya Call Management System Server 13.0 Avaya Cvlan Avaya Integrated Management Avaya Interactive Response Avaya Interactive Response 1.2.1 Avaya Interactive Response 1.3 Avaya Intuity Audix Lx F5 Icontrol Service Manager 1.3

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshak...

Cisco Firewall Services Module Cisco Firewall Services Module 1.1.2 Cisco Firewall Services Module 1.1.3 Cisco Firewall Services Module 1.1 (3.005)Cisco Firewall Services Module 2.1 (0.208)Hp Aaa Server Hp Apache-based Web Server 2.0.43.00 Hp Apache-based Web Server 2.0.43.04 Symantec Clientless Vpn Gateway 4400 5.0 Cisco Ciscoworks Common Management Foundation 2.1 Cisco Ciscoworks Common Services 2.2 Avaya Converged Communications Server 2.0

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote malicious users to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

Cisco Firewall Services Module Cisco Firewall Services Module 1.1.2 Cisco Firewall Services Module 1.1.3 Cisco Firewall Services Module 1.1 (3.005)Cisco Firewall Services Module 2.1 (0.208)Hp Aaa Server Hp Apache-based Web Server 2.0.43.00 Hp Apache-based Web Server 2.0.43.04 Symantec Clientless Vpn Gateway 4400 5.0 Cisco Ciscoworks Common Management Foundation 2.1 Cisco Ciscoworks Common Services 2.2 Avaya Converged Communications Server 2.0

OpenSSL 0.9.6 prior to 0.9.6d does not properly handle unknown message types, which allows remote malicious users to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

Cisco Firewall Services Module Cisco Firewall Services Module 1.1.2 Cisco Firewall Services Module 1.1.3 Cisco Firewall Services Module 1.1 (3.005)Cisco Firewall Services Module 2.1 (0.208)Hp Aaa Server Hp Apache-based Web Server 2.0.43.00 Hp Apache-based Web Server 2.0.43.04 Symantec Clientless Vpn Gateway 4400 5.0 Cisco Ciscoworks Common Management Foundation 2.1 Cisco Ciscoworks Common Services 2.2 Avaya Converged Communications Server 2.0

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook