CVE-2007-5538

Cisco Unified Communications Manager < 5.1(3) Buffer Overflow in TFTP File Locator Service

Title source: llm
STIX 2.1

Description

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

References (7)

Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26105
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/37940
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3532
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/37247
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018828
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27296

Scores

EPSS 0.0553
EPSS Percentile 91.9%

Details

CWE
CWE-119
Status published
Products (2)
cisco/unified_callmanager 5.0
cisco/unified_communications_manager < 5.1\(2\)
Published Oct 18, 2007
Tracked Since Feb 18, 2026