CVE-2008-5180

Published: Nov 20, 2008Modified: Apr 23, 2026

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.

Affected (1)

Products: Microsoft: Office Communicator

Microsoft

1 product

Office Communicator

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office Communicator	All versions

Related CWEs

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (16)

http://secunia.com/advisories/32940

Source: cve@mitre.org

Broken Link

http://www.exploit-db.com/exploits/12079

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/39221

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.securitytracker.com/id?1021294

Source: cve@mitre.org

Broken LinkThird Party AdvisoryVDB Entry

http://www.voipshield.com/research-details.php?id=133

Source: cve@mitre.org

Broken Link

https://exchange.xforce.ibmcloud.com/vulnerabilities/46673

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/57581

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://www.exploit-db.com/exploits/7262

Source: cve@mitre.org

ExploitThird Party AdvisoryVDB Entry

http://secunia.com/advisories/32940