Cisco IOS 12.2 up to and including 12.4 and 15.0 up to and including 15.1, Cisco IOS XE 2.5.x and 2.6.x prior to 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x prior to 5.1(3g), 6.x prior to 6.1(4), and 7.x prior to 7.1(2) allow remote malicious users to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco unified communications manager |
||
cisco ios |
||
cisco ios xe |