Description
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
Low
Affected products
References
- EXPLOIThttps://www.exploit-db.com/exploits/7262
- MISChttp://www.securityfocus.com/bid/39221
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/46673
- MISChttp://www.securitytracker.com/id?1021294
- EXPLOIThttp://www.exploit-db.com/exploits/12079
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/57581
- MISChttp://www.voipshield.com/research-details.php?id=133
- VENDOR_ADVISORYhttp://secunia.com/advisories/32940
Updated 24m ago · 2 sources