CVE-2007-5538

critical Cisco
CVSS v3 Base Score
10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS Score
7.5%
Exploitation probability in 30 days
Top 8% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
C
Integrity
C
Availability
C
Published: October 18, 2007 (6783 days ago)
Last Modified: April 23, 2026
Vendor: Cisco
Source: NVD

Description

Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.

CWE

CWE-119

Affected Products

cisco unified callmanagercisco unified communications manager

References

🔗 osvdb.org 🔗 secunia.com 🔗 www.cisco.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com