CVE-2011-2543

Published Sep 23, 2011

Last updated 6 years ago

CVSS info 9.0

Overview

Description: Buffer overflow in the cuil component in Cisco Telepresence System Integrator C Series 4.x before TC4.2.0 allows remote authenticated users to cause a denial of service (endpoint reboot or process crash) or possibly execute arbitrary code via a long location parameter to the getxml program, aka Bug ID CSCtq46496.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 9
Impact score: 10
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_codec_c40:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C5E2223-2180-4D0F-9E34-8AF54DC97FE3"
          },
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_codec_c60:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "001596FF-7961-4983-8E1B-E272C94958EB"
          },
          {
            "criteria": "cpe:2.3:h:cisco:telepresence_codec_c90:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBC21F7C-240C-446E-BDF6-3E1AB9B05B4F"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33B45531-86E4-462A-ADCD-AB519E3A7CBA"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "180F6879-05EC-4BEC-92E8-DD55BCB93D2C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "556BF725-71CD-40B8-BECD-557DC8922E87"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2B10E3F-CE68-4D2E-BC59-C4FAA6675280"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "71A51261-B1D7-4ACA-8399-6BBBB17CDB93"
          },
          {
            "criteria": "cpe:2.3:a:cisco:telepresence_c_series_software:tc4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "321FC6B1-D14C-490C-A1EB-E61F63DFB4F2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References