Product:

Communications_session_border_controller

(Oracle)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 7
Date Id Summary Products Score Patch Annotated
2020-12-08 CVE-2020-1971 The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp... Debian_linux, Fedora, Active_iq_unified_manager, Aff_a250_firmware, Clustered_data_ontap_antivirus_connector, Data_ontap, E\-Series_santricity_os_controller, Ef600a_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Manageability_software_development_kit, Oncommand_insight, Oncommand_workflow_automation, Plug\-In_for_symantec_netbackup, Santricity_smi\-S_provider, Snapcenter, Solidfire, Openssl, Api_gateway, Business_intelligence, Communications_session_border_controller, Communications_session_router, Communications_subscriber\-Aware_load_balancer, Communications_unified_session_manager, Enterprise_communications_broker, Enterprise_manager_base_platform, Enterprise_manager_ops_center, Enterprise_session_border_controller, Essbase, Graalvm, Jd_edwards_enterpriseone_tools, Jd_edwards_world_security, Mysql, Mysql_server, Peoplesoft_enterprise_peopletools, Log_correlation_engine, Nessus_network_monitor 5.9
2015-01-28 CVE-2015-0235 Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST." Mac_os_x, Debian_linux, Glibc, Pureapplication_system, Security_access_manager_for_enterprise_single_sign\-On, Communications_application_session_controller, Communications_eagle_application_processor, Communications_eagle_lnp_application_processor, Communications_lsms, Communications_policy_management, Communications_session_border_controller, Communications_user_data_repository, Communications_webrtc_session_controller, Exalogic_infrastructure, Linux, Vm_virtualbox, Virtualization N/A
2019-01-11 CVE-2018-16864 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. Ubuntu_linux, Debian_linux, Systemd, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.8
2019-01-11 CVE-2018-16865 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash systemd-journald or execute code with journald privileges. Versions through v240 are vulnerable. Ubuntu_linux, Debian_linux, Systemd, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation 7.8
2018-05-18 CVE-2018-11236 stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. Glibc, Data_ontap_edge, Element_software_management, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host 9.8
2018-02-01 CVE-2018-6485 An integer overflow in the implementation of the posix_memalign in memalign functions in the GNU C Library (aka glibc or libc6) 2.26 and earlier could cause these functions to return a pointer to a heap area that is too small, potentially leading to heap corruption. Glibc, Cloud_backup, Data_ontap_edge, Element_software, Element_software_management, Steelstore_cloud_integrated_storage, Storage_replication_adapter, Vasa_provider, Virtual_storage_console, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation, Virtualization_host 9.8
2019-01-11 CVE-2018-16864 An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate his privileges. Versions through v240 are vulnerable. Ubuntu_linux, Debian_linux, Systemd, Communications_session_border_controller, Enterprise_communications_broker, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization 7.8