← Back

CVE-2009-2051

nvd nist
Published: Aug 27, 2009Modified: Apr 23, 2026

JSON object

Loading...
7.8
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:C
Exploitability: 10.0 / Impact: 6.9
Source: NVD

Description

Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987.

Affected (6)

Cisco
3 products
Ios
Ios Xe
Unified Communications Manager
Configuration A
6 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Ios
From 12.2 to 12.4
Ios
From 15.0 to 15.1
Ios Xe
From 2.5.0 to 2.6.1
Cisco
Unified Communications Manager
From 5.0 to 5.1\(3g\)
Unified Communications Manager
From 6.1\(1\) to 6.1\(4\)
Unified Communications Manager
From 7.1 to 7.1\(2\)

References (14)

Source: psirt@cisco.com
Broken Link
Source: psirt@cisco.com
Third Party Advisory
Source: psirt@cisco.com
Third Party Advisory
Source: psirt@cisco.com
PatchVendor Advisory
Source: psirt@cisco.com
Vendor Advisory
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: psirt@cisco.com
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry

Timeline

No history available yet.