CVE-2011-5096

Avaya Aura Application Server 5300 <1.0.2/2.0<PB10 - Stack Overflow via cs_anams

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
https://downloads.avaya.com/css/P8/documents/100146108
Third Party Advisory x_refsource_misc
http://zerodayinitiative.com/advisories/ZDI-11-260/

Scores

EPSS 0.0394
EPSS Percentile 89.2%

Details

CWE
CWE-119
Status published
Products (2)
avaya/aura_application_server_5300 1.0
avaya/aura_application_server_5300 2.0
Published Jul 03, 2012
Tracked Since Feb 18, 2026