Vulnerability Database

314,343

Total vulnerabilities in the database

CVE-2009-2865

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.

  • Published: Sep 28, 2009
  • Updated: Nov 9, 2025
  • CVE: CVE-2009-2865
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.6
  • AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
cisco / unified_communications_manager_express - -
cisco / ios 12.4xw 12.4xw.x
cisco / ios 12.4xy 12.4xy.x
cisco / ios 12.4xz 12.4xz.x
cisco / ios 12.4ya 12.4ya.x