Filtered by vendor Avaya
Subscriptions
Total
139 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3989 | 1 Avaya | 1 Tn2602ap Ip Media Resource 320 Circuit Pack | 2025-04-03 | N/A |
| Memory leak in Avaya TN2602AP IP Media Resource 320 circuit pack before vintage 9 firmware allows remote attackers to cause a denial of service (memory consumption) via crafted VoIP packets. | ||||
| CVE-2004-0201 | 2 Avaya, Microsoft | 11 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 8 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in the HtmlHelp program (hh.exe) in HTML Help for Microsoft Windows 98, Me, NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary commands via a .CHM file with a large length field, a different vulnerability than CVE-2003-1041. | ||||
| CVE-2004-0841 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2025-04-03 | N/A |
| Internet Explorer 6.x allows remote attackers to install arbitrary programs via mousedown events that call the Popup.show method and use drag-and-drop actions in a popup window, aka "HijackClick 3" and the "Script in Image Tag File Download Vulnerability." | ||||
| CVE-2004-0842 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2025-04-03 | N/A |
| Internet Explorer 6.0 SP1 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (application crash from "memory corruption") via certain malformed Cascading Style Sheet (CSS) elements that trigger heap-based buffer overflows, as demonstrated using the "<STYLE>@;/*" string, possibly due to a missing comment terminator that may cause an invalid length to trigger a large memory copy operation, aka the "CSS Heap Memory Corruption Vulnerability." | ||||
| CVE-2004-1050 | 2 Avaya, Microsoft | 7 Definity One Media Server, Ip600 Media Servers, Modular Messaging Message Storage Server and 4 more | 2025-04-03 | N/A |
| Heap-based buffer overflow in Internet Explorer 6 allows remote attackers to execute arbitrary code via long (1) SRC or (2) NAME attributes in IFRAME, FRAME, and EMBED elements, as originally discovered using the mangleme utility, aka "the IFRAME vulnerability" or the "HTML Elements Vulnerability." | ||||
| CVE-2005-0003 | 4 Avaya, Linux, Mandrakesoft and 1 more | 15 Converged Communications Server, Intuity Audix, Mn100 and 12 more | 2025-04-03 | N/A |
| The 64 bit ELF support in Linux kernel 2.6 before 2.6.10, on 64-bit architectures, does not properly check for overlapping VMA (virtual memory address) allocations, which allows local users to cause a denial of service (system crash) or execute arbitrary code via a crafted ELF or a.out file. | ||||
| CVE-2004-0554 | 6 Avaya, Conectiva, Gentoo and 3 more | 18 Converged Communications Server, Intuity Audix, Modular Messaging Message Storage Server and 15 more | 2025-04-03 | N/A |
| Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated using a "crash.c" program. | ||||
| CVE-2005-0506 | 1 Avaya | 2 Ip Office Phone Manager, Ip Soft Phone | 2025-04-03 | N/A |
| The Avaya IP Office Phone Manager, and other products such as the IP Softphone, stores sensitive data in cleartext in a registry key, which allows local and possibly remote users to steal usernames and passwords and impersonate other users via keys such as Avaya\IP400\Generic. | ||||
| CVE-2005-1125 | 1 Avaya | 1 Libsafe | 2025-04-03 | N/A |
| Race condition in libsafe 2.0.16 and earlier, when running in multi-threaded applications, allows attackers to bypass libsafe protection and exploit other vulnerabilities before the _libsafe_die function call is completed. | ||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2025-04-03 | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | ||||
| CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2025-04-03 | N/A |
| Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. | ||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2025-04-03 | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | ||||
| CVE-2001-1262 | 1 Avaya | 1 Argent Office | 2025-04-03 | N/A |
| Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication with a 0 length community string. | ||||
| CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2025-04-03 | N/A |
| The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | ||||
| CVE-2004-0595 | 4 Avaya, Php, Redhat and 1 more | 11 Converged Communications Server, Integrated Management, S8300 and 8 more | 2025-04-03 | N/A |
| The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explorer and Safari, which ignore null characters and facilitate the exploitation of cross-site scripting (XSS) vulnerabilities. | ||||
| CVE-2002-1448 | 1 Avaya | 3 Cajun M770-atm, Cajun P130, Cajun P330 | 2025-04-03 | N/A |
| An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Cajun products allows remote attackers to gain administrative privileges. | ||||
| CVE-2004-0079 | 23 4d, Apple, Avaya and 20 more | 67 Webstar, Mac Os X, Mac Os X Server and 64 more | 2025-04-03 | 7.5 High |
| The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. | ||||
| CVE-2003-1359 | 2 Avaya, Hp | 2 Predictive Dialer System, Hp-ux | 2025-04-03 | N/A |
| Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | ||||
| CVE-2005-2762 | 1 Avaya | 1 Vpnremote | 2025-04-03 | N/A |
| Avaya VPNRemote before 4.2.33 stores credentials in cleartext in process memory, which allows attackers to obtain the VPN user's credentials. | ||||
| CVE-2006-0718 | 1 Avaya | 5 Csu 5000, Vsu 100, Vsu 10000 and 2 more | 2025-04-03 | N/A |
| The Internet Key Exchange version 1 (IKEv1) implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service (crash) via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of details in the advisory, it is unclear which of CVE-2005-3666, CVE-2005-3667, and/or CVE-2005-3668 this issue applies to. | ||||