CVE-2006-5278
published 2007-07-15CVE-2006-5278: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly…
critical10CVSS 3.1
AVNACLAuNCCICAC
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | unified_callmanager | — | — |
| cisco | unified_callmanager | 3.3 – 3.3\(5\)sr2 | — |
| cisco | unified_callmanager | 4.1 – 4.1\(3\)sr4 | — |
| cisco | unified_callmanager | 4.2 – 4.2\(3\)sr1 | — |
| cisco | unified_callmanager | 5.1 – 5.1\(2\) | — |
| cisco | unified_communications_manager | 4.3 – 4.3\(1\) | — |
| cisco | unified_communications_manager_overflow | — | — |