CVE-2012-1328: Code Injection
First published: Thu May 03 2012(Updated: )
Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Unified IP Phone | =9900 | |
| Cisco Unified Ip Phone Firmware | =9.1 | |
| Cisco Unified Ip Phone Firmware | =9.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/cisco
- canonical/cisco unified ip phone
- version/cisco unified ip phone/9900
- canonical/cisco unified ip phone firmware
- version/cisco unified ip phone firmware/9.1
- version/cisco unified ip phone firmware/9.2