CVE-2009-2865

N/A Unknown
Published: September 28, 2009 Modified: April 23, 2026
View on NVD

Description

Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://osvdb.org/58335
Source: psirt@cisco.com
http://tools.cisco.com/security/center/viewAlert.x?alertId=18884
Source: psirt@cisco.com
Patch Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8116.shtml
Source: psirt@cisco.com
Patch Vendor Advisory
http://www.securityfocus.com/bid/36498
Source: psirt@cisco.com
http://www.securitytracker.com/id?1022932
Source: psirt@cisco.com
http://www.vupen.com/english/advisories/2009/2758
Source: psirt@cisco.com
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53448
Source: psirt@cisco.com
http://osvdb.org/58335
Source: af854a3a-2127-422b-91ae-364da2661108
http://tools.cisco.com/security/center/viewAlert.x?alertId=18884
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8116.shtml
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.securityfocus.com/bid/36498
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securitytracker.com/id?1022932
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2009/2758
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/53448
Source: af854a3a-2127-422b-91ae-364da2661108

14 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
3.7%
88th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-119

Affected Vendors

cisco

Related CVEs

CVE-2026-7073 7.3
CVE-2026-7072 7.3
CVE-2026-7071 5.3
CVE-2026-7070 7.3
CVE-2026-7069 8.0