CVE-2005-2244

4 documents4 sources
Severity
5.0MEDIUM
EPSS
1.4%
top 19.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Call Manager
Timeline
PublishedJul 12
Latest updateMay 1

Description

The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

โ–ถNVDcisco/call_manager4 versions+3

Patches

Patch: www.cisco.com โ†—Patch: www.cisco.com โ†—

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-3643-vfjq-qr3j: The aupair service (aupairโ†—2022-05-01
โ–ถ
CVEList
CVE-2005-2244: The aupair service (aupairโ†—2005-07-12
โ–ถ

๐Ÿ“‹Vendor Advisories

1
Cisco
Cisco CallManager Memory Handling Vulnerabilitiesโ†—2005-07-12
โ–ถ
CVE-2005-2244 (MEDIUM CVSS 5) | The aupair service (aupair.exe) in | cvebase.io