NVD

Id
63881  
Name
CVE-2006-5277  
Description
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2016-12-20  
Published
2007-07-15  
Modified Date
2011-03-07  
Seq
2006-5277  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
332966 63881 CVE-2006-5277 1018369  View
332967 63881 CVE-2006-5277 20070711 Cisco Unified Communications Manager Overflow Vulnerabilities  View
332968 63881 CVE-2006-5277 20070711 Cisco Call Manager CTLProvider.exe Remote Code Execution  View
332969 63881 CVE-2006-5277 24868  View
332970 63881 CVE-2006-5277 ADV-2007-2512  View
332971 63881 CVE-2006-5277 voip-filename-overflow(31437)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
52532 JVNDB-2007-001224 CUCM の CTL Provider サービスにおける任意のコードを実行される脆弱性 Cisco Unified Communications Manager (CUCM、前 CallManager) の Certificate Trust List (CTL) Provider サービス (CTLProvider.exe) は、一づれエラーが発生するため、任意のコードを実行される脆弱性が存在します。 CVE-2006-5277 21379 CVE-2006-5277 63881 9.3 http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001224.html 2007-07-11 2012-06-26 View