PT-2016-6921 · Cisco · Cisco Meeting Server+1

Published

2016-11-03

Updated

2017-07-29

CVE-2016-6448

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco Meeting Server versions prior to 2.0.3 Acano Server versions 1.8.x prior to 1.8.17 Acano Server versions 1.9.x prior to 1.9.5

Description A vulnerability in the Session Description Protocol (SDP) parser could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system.

Recommendations For Cisco Meeting Server versions prior to 2.0.3, update to Release 2.0.3 or later. For Acano Server versions 1.8.x prior to 1.8.17, update to Release 1.8.17 or later. For Acano Server versions 1.9.x prior to 1.9.5, update to Release 1.9.5 or later.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2016-6448

Affected Products

Acano Server

Cisco Meeting Server

PT-2016-6921 · Cisco · Cisco Meeting Server+1

CVE-2016-6448

Weakness Enumeration

Related Identifiers

Affected Products

References · 5