CVE-2008-0027
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2008-0027
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Unified Communications Manager CTL Provider远程堆溢出漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Unified Communications Manager(CUCM,之前被称为CallManager)是Cisco IP电话解决方案中的呼叫处理组件。 CUCM中默认绑定在TCP/2444端口上的CTL Provider服务(CTLProvider.exe)存在堆溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 该漏洞存在于接收套接字数据期间所使用的循环中的逻辑错误。代码分配了0x19000字节长的初始缓冲区: .text:00406077 191A8 68+ push 19000h ; s
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2008-0027
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2008-0027
Please Login to view more intelligence information
- http://dvlabs.tippingpoint.com/advisory/TPTI-08-02x_refsource_MISC
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtmlvendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2008-0027
Same Patch Batch · n/a · 2008-01-17 · 46 CVEs total
| CVE-2007-6686 | Gallery URL Rewrite Module管理控件未限定文件共享漏洞 | |
| CVE-2007-6689 | Menalto Gallery 文件上传检验漏洞 | |
| CVE-2007-6691 | Menalto Gallery 多个未明漏洞 | |
| CVE-2008-0302 | apt-listchanges Unsafe Paths Library 'apt-listchanges.py'重要本地外壳程序执行漏洞 | |
| CVE-2007-6681 | VideoLAN VLC’modulesdemuxsubtitle.c’远程堆溢缓冲区错误漏洞 | |
| CVE-2007-6682 | VideoLAN 'modules\demux\subtitle.c'文件媒体播放器远程溢出及格式串处理漏洞 | |
| CVE-2007-6683 | VLC媒体播放器浏览器插件任意文件覆盖漏洞 | |
| CVE-2007-6684 | VideoLAN VLC RTSP模块拒绝服务漏洞 | |
| CVE-2007-6693 | Gallery WebCam模块代理请求未限定请求方式漏洞 | |
| CVE-2007-6687 | Menalto Gallery多个模块跨站脚本漏洞 | |
| CVE-2007-6688 | Gallery安装程序存储目录未限定请求漏洞 | |
| CVE-2007-6685 | Gallery Publish XP模块未限制文件上传漏洞 | |
| CVE-2008-0324 | Cisco VPN Client IPSec Driver本地拒绝服务漏洞 | |
| CVE-2008-0338 | MiniWeb 'http.c' 目录遍历漏洞 | |
| CVE-2008-0337 | MiniWeb 'http.c' 栈缓冲区溢出漏洞 | |
| CVE-2008-0336 | BugTracker.NET 跨站请求伪造漏洞 | |
| CVE-2008-0335 | BugTracker.NET 跨站脚本攻击漏洞 | |
| CVE-2008-0334 | pmachine pro 'pm/language/spanish/preferences.php'跨站脚本攻击漏洞 | |
| CVE-2008-0333 | Afterlogic WebMail Pro 路径遍历漏洞 | |
| CVE-2008-0332 | ARIA 'effect.php'目录遍历漏洞 |
Showing top 20 of 46 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han - CVE-2026-8224
Open5GS PCF context.c pcf_sess_set_ipv6prefix denial of serv - CVE-2026-8223
Open5GS sm-policies Endpoint pcf_sess_sbi_discover_and_send - CVE-2026-8222
Open5GS sm-policies Endpoint nbsf-handler.c pcf_nbsf_managem
V. Comments for CVE-2008-0027
No comments yet