* Cisco Unified MeetingPlace Web Conferencing 6.0.517 .0
* Cisco Unified MeetingPlace Web Conferencing 7.0
* Cisco Unified MeetingPlace Web Conferencing 6.0
The Cisco Unified MeetingPlace Web Conferencing service contains a vulnerability that could allow an unauthenticated, remote attacker to create a buffer overrun condition that may cause the Web Conferencing server to become unresponsive.
The vulnerability is due to insufficient validation of some parameter values of an HTTP POST request. An attacker may be able to exploit this vulnerability by crafting the value of the vulnerable parameters in an HTTP POST request directed to the affected system. An exploit could allow the attacker to cause the Web Conferencing server to become unresponsive.
This vulnerability is documented in Cisco bug ID CSCua66341 (registered customers only).