CVE-2007-5538

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

Published: Oct 18, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-5538
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
cisco / unified_communications_manager	-	5.1\(2\).x
cisco / unified_callmanager	5.0	5.0.x

http://osvdb.org/37940
http://secunia.com/advisories/27296
http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml
http://www.securityfocus.com/bid/26105
http://www.securitytracker.com/id?1018828
http://www.vupen.com/english/advisories/2007/3532
https://exchange.xforce.ibmcloud.com/vulnerabilities/37247

Vulnerability Database

289,599

CVE-2007-5538