CVE-2006-5277
published 2007-07-15CVE-2006-5277: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager)…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | 3.3 – 3.3\(5\)sr2 | — |
| cisco | unified_callmanager | 4.1 – 4.1\(3\)sr4 | — |
| cisco | unified_callmanager | 4.2 – 4.2\(3\)sr1 | — |
| cisco | unified_communications_manager | 4.3 – 4.3\(1\) | — |
| cisco | unified_communications_manager | 5.1 – 5.1\(1\) | — |
| cisco | unified_communications_manager_overflow | — | — |