CVE-2008-5180

Name of the Vulnerable Software and Affected Versions Microsoft Communicator (affected versions not specified) Microsoft Office 2010 beta (affected versions not specified)

Description The issue allows remote attackers to cause a denial of service, resulting in memory consumption, via a large number of SIP INVITE requests. This triggers the creation of many sessions.

Recommendations For Microsoft Communicator, consider restricting the number of incoming SIP INVITE requests to prevent excessive session creation until a fix is available. For Microsoft Office 2010 beta, restrict access to the Communicator component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.