HIGH🇬🇧 English

CVE-2017-12969

CVSS 8.8v3.0pub. 2017-11-10upd. 2026-05-13

Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a denial of service (heap corruption and crash) or execute arbitrary code via a long string to the open method.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Avaya Ip Office Contact Center

    APP
    Avaya
    10.010.0.0.3-8600.170510.19.19.1.09.1.0.2209.15409.1.69.1.79.1.89.1.9
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEDoSMemory
CWE
Referencje

Powiązane podatności

CVE-2019-7001CRITICAL9.9ten sam produkt

A SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated ...

CVE-2025-1041CRITICAL9.9PL ✓ten sam vendor

Zdalne wykonanie poleceń w Avaya Call Management System (CWE-20)

CVE-2024-4197CRITICAL9.9PL ✓ten sam vendor

Unrestricted file upload umożliwiający RCE w Avaya IP Office (One-X)

CVE-2024-4196CRITICAL10.0PL ✓ten sam vendor

RCE poprzez improper input validation w Avaya IP Office (Web Control)

CVE-2022-38168CRITICAL9.1ten sam vendor

Broken Access Control in User Authentication in Avaya Scopia Pathfinder 10 and 20 PTS version 8.3.7.0.4 allows...