CVE-2011-5096
Summary
| CVE | CVE-2011-5096 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2012-07-03 21:55:00 UTC |
| Updated | 2012-07-17 04:00:00 UTC |
| Description | Stack-based buffer overflow in cstore.exe in the Media Application Server (MAS) in Avaya Aura Application Server 5300 (formerly Nortel Media Application Server) 1.x before 1.0.2 and 2.0 before Patch Bundle 10 allows remote attackers to execute arbitrary code via a crafted cs_anams parameter in a CONTENT_STORE_ADMIN_REQ packet. |
Risk And Classification
Problem Types: CWE-119
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Avaya | Aura Application Server 5300 | 1.0 | All | All | All |
| Application | Avaya | Aura Application Server 5300 | 2.0 | All | All | All |
| Application | Avaya | Aura Application Server 5300 | 1.0 | All | All | All |
| Application | Avaya | Aura Application Server 5300 | 2.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Zero Day Initiative | MISC | zerodayinitiative.com | |
| ASA-2011-213 | CONFIRM | downloads.avaya.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.