Cisco » Unified Presence Server : Security Vulnerabilities, CVEs, Published In 2010
The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629.
Max CVSS
7.8
EPSS Score
0.26%
Published
2010-08-26
Updated
2010-09-09
SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to cause a denial of service (stack memory corruption and process failure) via a malformed SIP message, aka Bug ID CSCtd14474.
Max CVSS
7.8
EPSS Score
0.18%
Published
2010-08-26
Updated
2010-09-09
2 vulnerabilities found