Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) prior to 20070711 allow remote malicious users to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified communications manager |
||
cisco unified callmanager |
||
cisco unified callmanager 5.0 |