10
CVSSv2

CVE-2014-2171

Published: 02/05/2014 Updated: 02/05/2014
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 890
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Heap-based buffer overflow in Cisco TelePresence TC Software 4.x up to and including 6.x prior to 6.0.1 and TE Software 4.x and 6.0.x prior to 6.0.2 allows remote malicious users to execute arbitrary code via crafted SIP packets, aka Bug ID CSCud81796.

Affected Products

Vendor Product Versions
CiscoTelepresence Tc Software4.0.0, 4.0.1, 4.0.4, 4.1.1, 4.1.2, 4.2.0, 4.2.1, 4.2.2, 4.2.3, 4.2.4, 5.0.0, 5.0.1, 5.0.2, 5.1.0, 5.1.1, 5.1.2, 5.1.3, 5.1.4, 5.1.5, 5.1.6, 5.1.7, 6.0.0
CiscoTelepresence Te Software4.1.0, 4.1.1, 4.1.2, 4.1.3, 6.0, 6.0.1

Vendor Advisories

Cisco TelePresence TC and TE Software are affected by the following vulnerabilities: Six Session Initiation Protocol (SIP) denial of service vulnerabilities Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability Cisco TelePresence TC and TE Software Input Validation Vulnerability Cisco TelePresence TC and TE Softwa ...