CVE-2016-6448: Buffer Overflow
First published: Thu Nov 03 2016(Updated: )
A vulnerability in the Session Description Protocol (SDP) parser of Cisco Meeting Server could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. This vulnerability affects the following products: Cisco Meeting Server releases prior to Release 2.0.3, Acano Server releases 1.9.x prior to Release 1.9.5, Acano Server releases 1.8.x prior to Release 1.8.17. More Information: CSCva76004. Known Affected Releases: 1.8.x 1.92.0.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Meeting Server | =1.8.15 | |
| Cisco Meeting Server | =1.8_base | |
| Cisco Meeting Server | =1.9.0 | |
| Cisco Meeting Server | =1.9.2 | |
| Cisco Meeting Server | =2.0.0 | |
| Cisco Meeting Server | =2.0.1 | |
| Cisco Meeting Server | =2.0.3 | |
| Cisco Meeting Server | =2.0.4 | |
| Cisco Meeting Server | =2.0.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/references
- agent/severity
- agent/weakness
- agent/event
- agent/first-publish-date
- agent/description
- agent/trending
- agent/tags
- agent/source
- vendor/cisco
- canonical/cisco meeting server
- version/cisco meeting server/1.8.15
- version/cisco meeting server/1.8_base
- version/cisco meeting server/1.9.0
- version/cisco meeting server/1.9.2
- version/cisco meeting server/2.0.0
- version/cisco meeting server/2.0.1
- version/cisco meeting server/2.0.3
- version/cisco meeting server/2.0.4
- version/cisco meeting server/2.0.5