CVE-2013-1176

Name of the Vulnerable Software and Affected Versions Cisco TelePresence MCU 4500 versions prior to 4.3(2.30) Cisco TelePresence MCU 4501 versions prior to 4.3(2.30) Cisco TelePresence MCU MSE 8510 versions prior to 4.3(2.30) Cisco TelePresence Server versions prior to 2.3(1.55)

Description The issue allows remote attackers to cause a denial of service, resulting in a device reload, by sending crafted RTP packets in a SIP session or an H.323 session. This is due to the DSP card not properly validating H.264 data.

Recommendations For Cisco TelePresence MCU 4500 versions prior to 4.3(2.30), update to version 4.3(2.30) or later. For Cisco TelePresence MCU 4501 versions prior to 4.3(2.30), update to version 4.3(2.30) or later. For Cisco TelePresence MCU MSE 8510 versions prior to 4.3(2.30), update to version 4.3(2.30) or later. For Cisco TelePresence Server versions prior to 2.3(1.55), update to version 2.3(1.55) or later.