Cisco Unified Communications Manager CTL Provider Heap Buffer Overflow Vulnerability

Cisco Unified Communications Manager CTL Provider Heap Buffer Overflow Vulnerability

Cisco Unified Communications Manager (formerly known as CallManager) Certificate Trust List (CTL) Provider is prone to a heap-based buffer-overflow vulnerability.

Attackers can exploit this issue to execute arbitrary code or to cause denial-of-service conditions.

This issue affects the following versions:

Unified CallManager 4.0 and 4.1 prior to 4.1(3)SR5c
Unified Communications Manager 4.2 prior to 4.2(3)SR3
Unified Communications Manager 4.3 prior to 4.3(1)SR1