ID
VAR-201306-0171
CVE
CVE-2013-3393
TITLE
Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine Denial of service in Japan (DoS) Vulnerability
Trust: 0.8
DESCRIPTION
The Precision Video Engine component in Cisco Jabber for Windows and Cisco Virtualization Experience Media Engine allows remote attackers to cause a denial of service (process crash and call disconnection) via crafted RTP packets, aka Bug IDs CSCuh60706 and CSCue21117. Cisco Jabber is prone to a denial-of-service vulnerability. An attacker can exploit this issue to crash the various processes or disconnection of any active calls on the device, denying service to legitimate users. This issue is being tracked by Cisco Bug IDs CSCuh60706 and CSCue21117
Trust: 1.98
AFFECTED PRODUCTS
| vendor: | cisco | model: | jabber | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | virtualization experience media engine | scope: | eq | version: | - | Trust: 1.6 |
| vendor: | cisco | model: | jabber | scope: | lte | version: | for windows 9.2.1 | Trust: 0.8 |
| vendor: | cisco | model: | virtualization experience media engine | scope: | lte | version: | 9.2.1 | Trust: 0.8 |
| vendor: | cisco | model: | virtualization experience media engine | scope: | eq | version: | 9.2.1 | Trust: 0.3 |
| vendor: | cisco | model: | virtualization experience media engine | scope: | eq | version: | 9.0 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.2.1 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.2 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1.5 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1.4 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1.3 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1.2 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1.1 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.1 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.0.5 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.0.4 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.0.3 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.0.2 | Trust: 0.3 |
| vendor: | cisco | model: | jabber for windows | scope: | eq | version: | 9.0.1 | Trust: 0.3 |
CVSS
SEVERITY | CVSSV2 | CVSSV3 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
PROBLEMTYPE DATA
| problemtype: | CWE-20 | Trust: 1.9 |
THREAT TYPE
remote
Trust: 0.6
TYPE
input validation
Trust: 0.6
CONFIGURATIONS
PATCH
| title: | Cisco Jabber Video Engine Denial of Service Vulnerability | url: | http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3393 | Trust: 0.8 |
| title: | 29764 | url: | http://tools.cisco.com/security/center/viewAlert.x?alertId=29764 | Trust: 0.8 |
EXTERNAL IDS
| db: | NVD | id: | CVE-2013-3393 | Trust: 2.8 |
| db: | JVNDB | id: | JVNDB-2013-003144 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-201306-488 | Trust: 0.7 |
| db: | CISCO | id: | 20130625 CISCO JABBER VIDEO ENGINE DENIAL OF SERVICE VULNERABILITY | Trust: 0.6 |
| db: | BID | id: | 60764 | Trust: 0.4 |
| db: | VULHUB | id: | VHN-63395 | Trust: 0.1 |
REFERENCES
| url: | http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3393 | Trust: 2.0 |
| url: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3393 | Trust: 0.8 |
| url: | http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3393 | Trust: 0.8 |
| url: | http://www.cisco.com/ | Trust: 0.3 |
| url: | http://www.cisco.com/web/products/voice/jabber.html | Trust: 0.3 |
| url: | http://www.cisco.com/en/us/products/ps12862/index.html | Trust: 0.3 |
| url: | http://tools.cisco.com/security/center/viewalert.x?alertid=29764 | Trust: 0.3 |
CREDITS
The vendor reported this issue.
Trust: 0.3
SOURCES
| db: | VULHUB | id: | VHN-63395 |
| db: | BID | id: | 60764 |
| db: | JVNDB | id: | JVNDB-2013-003144 |
| db: | CNNVD | id: | CNNVD-201306-488 |
| db: | NVD | id: | CVE-2013-3393 |
LAST UPDATE DATE
2024-08-14T15:08:53.893000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-63395 | date: | 2013-08-31T00:00:00 |
| db: | BID | id: | 60764 | date: | 2013-06-25T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-003144 | date: | 2013-06-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201306-488 | date: | 2014-02-26T00:00:00 |
| db: | NVD | id: | CVE-2013-3393 | date: | 2013-08-31T06:39:14.203 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-63395 | date: | 2013-06-26T00:00:00 |
| db: | BID | id: | 60764 | date: | 2013-06-25T00:00:00 |
| db: | JVNDB | id: | JVNDB-2013-003144 | date: | 2013-06-28T00:00:00 |
| db: | CNNVD | id: | CNNVD-201306-488 | date: | 2013-06-26T00:00:00 |
| db: | NVD | id: | CVE-2013-3393 | date: | 2013-06-26T19:55:01.133 |