← Back

CVE-2006-5277

nvd nist
Published: Jul 15, 2007Modified: Apr 23, 2026

JSON object

Loading...
9.3
Vector
AV:N/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 8.6 / Impact: 10.0
Source: NVD

Description

Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.

Affected (6)

Cisco
2 products
Unified Callmanager
Unified Communications Manager
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Unified Callmanager
From 3.3 to 3.3\(5\)sr2
Unified Callmanager
From 4.1 to 4.1\(3\)sr4
Unified Callmanager
From 4.2 to 4.2\(3\)sr1
Unified Callmanager
Version 5.0
Cisco
Unified Communications Manager
From 4.3 to 4.3\(1\)
Unified Communications Manager
From 5.1 to 5.1\(1\)

References (16)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Permissions RequiredThird Party Advisory
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Permissions RequiredThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.