CVE-2008-5180

EUVD-2008-5158
Microsoft Communicator, and Communicator in Microsoft Office 2010 beta, allows remote attackers to cause a denial of service (memory consumption) via a large number of SIP INVITE requests, which trigger the creation of many sessions.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
CISA-ADPADP
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_communicator
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://secunia.com/advisories/32940
http://www.exploit-db.com/exploits/12079
http://www.securityfocus.com/bid/39221
http://www.securitytracker.com/id?1021294
http://www.voipshield.com/research-details.php?id=133
https://exchange.xforce.ibmcloud.com/vulnerabilities/46673
https://exchange.xforce.ibmcloud.com/vulnerabilities/57581
https://www.exploit-db.com/exploits/7262
http://secunia.com/advisories/32940
http://www.exploit-db.com/exploits/12079
http://www.securityfocus.com/bid/39221
http://www.securitytracker.com/id?1021294
http://www.voipshield.com/research-details.php?id=133
https://exchange.xforce.ibmcloud.com/vulnerabilities/46673
https://exchange.xforce.ibmcloud.com/vulnerabilities/57581
https://www.exploit-db.com/exploits/7262