Cisco Unified Communications Manager (CUCM), formerly CallManager,
contains two overflow vulnerabilities that could allow a remote,
unauthenticated user to cause a denial of service (DoS) condition or
execute arbitrary code.
A workaround exists for one of the vulnerabilities.
Cisco has made free software available to address these
vulnerabilities for affected customers.
This advisory is posted at