CVE-2012-5416

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2012-5416 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-mp

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2012-5416

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
* Cisco Unified MeetingPlace Web Conferencing 6.0.517 .0
* Cisco Unified MeetingPlace Web Conferencing 7.0
* Cisco Unified MeetingPlace Web Conferencing 6.0

The Cisco Unified MeetingPlace Web Conferencing service contains a vulnerability that could allow an unauthenticated, remote attacker to create a buffer overrun condition that may cause the Web Conferencing server to become unresponsive.

The vulnerability is due to insufficient validation of some parameter values of an HTTP POST request. An attacker may be able to exploit this vulnerability by crafting the value of the vulnerable parameters in an HTTP POST request directed to the affected system. An exploit could allow the attacker to cause the Web Conferencing server to become unresponsive.

This vulnerability is documented in Cisco bug ID CSCua66341 (registered customers only).

CVE Information:
CVE-2012-5416

Disclosure Timeline:
Published: October 31 2012
Updated: November 01 2012

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus