CVE-2008-5180

MEDIUM

Microsoft Communicator - DoS

Title source: llm

Description

Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.

Exploits (2)

exploitdb WORKING POC

by indoushka · perldoswindows

https://www.exploit-db.com/exploits/12079

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Praveen Darshanam · perldoswindows

https://www.exploit-db.com/exploits/7262

View Code ZIP pw:eip

References (8)

[Broken Link] http://secunia.com/advisories/32940

[Exploit, Third Party Advisory, VDB Entry] http://www.exploit-db.com/exploits/12079

[Broken Link, Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/39221

[Broken Link, Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021294

[Broken Link] http://www.voipshield.com/research-details.php?id=133

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/46673

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/57581

[Exploit, Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/7262

Scores

CVSS v3 5.3

EPSS 0.8234

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-770

Status draft

Affected Products (1)

microsoft/office_communicator

Timeline

Published Nov 20, 2008

Tracked Since Feb 18, 2026