VYPR

Unified IP Phone Firmware

by Cisco Systems, Inc.

CVEs (6)

  • CVE-2015-6360HigApr 21, 2016
    risk 0.49cvss 7.5epss 0.08

    The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686.

  • CVE-2015-0604Feb 7, 2015
    risk 0.00cvss epss 0.01

    The web framework on Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allows remote attackers to upload files to arbitrary locations on a phone's filesystem via crafted HTTP requests, aka Bug ID CSCup90424.

  • CVE-2015-0601Feb 7, 2015
    risk 0.00cvss epss 0.00

    Cisco Unified IP 9900 phones with firmware 9.4(.1) and earlier allow local users to cause a denial of service (device reload) via crafted commands, aka Bug ID CSCup92790.

  • CVE-2013-6685Nov 13, 2013
    risk 0.00cvss epss 0.00

    The firmware on Cisco Unified IP phones 8961, 9951, and 9971 uses weak permissions for memory block devices, which allows local users to gain privileges by mounting a device with a setuid file in its filesystem, aka Bug ID CSCui04382.

  • CVE-2013-3468Aug 29, 2013
    risk 0.00cvss epss 0.03

    The Cisco Unified IP Phone 8945 with software 9.3(2) allows remote attackers to cause a denial of service (device hang) via a malformed PNG file, aka Bug ID CSCud04270.

  • CVE-2012-1328May 3, 2012
    risk 0.00cvss epss 0.00

    Cisco Unified IP Phones 9900 series devices with firmware 9.1 and 9.2 do not properly handle downloads of configuration information to an RT phone, which allows local users to gain privileges via unspecified injected data, aka Bug ID CSCts32237.