Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 APP:AVAYA-CCRWEBCLIENT-RCE

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 APP

Keywords

 Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Code Execution

Release Date

 2012/10/30

Update Number

 2198

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

APP: Avaya IP Office Customer Call Reporter ImageUpload.ashx Remote Code Execution


This signature detects attempts to exploit a known vulnerability in the Avaya IP Office Customer Call Reporter. A successful attack can lead to arbitrary remote code execution within the context of the server.

Extended Description

Avaya IP Office Customer Call Reporter is prone to a remote code-execution vulnerability. Attackers can leverage this issue to execute arbitrary code with the privileges of the user running the affected application. Avaya IP Office Customer Call Reporter 7.0 and 8.0 are vulnerable; other versions may also be affected.

Affected Products

  • Avaya ip_office_customer_call_reporter 7.0
  • Avaya ip_office_customer_call_reporter 8.0

References

  • BugTraq: 54225
  • CVE: CVE-2012-3811
  • URL: https://downloads.avaya.com/css/P8/documents/100164021

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out