Cisco CallManager 4.1 Input Validation Vulnerability
scip AG Vulnerability ID 2977 (03/13/2007)
Cisco CallManager, short CCM, is a professional voice-over-IP solution
that tracks active components, including among others phones, gateways,
conference bridges, transcoding resources and voicemail boxes.
Marc Ruef and Stefan Friedli found a web-based vulnerability that was
identified in Cisco CallManager 4.1 and may affect earlier versions as well.
The web interface of the application fails to properly santisize data
supplied by the search-form before displaying it back to the user.
Though several filters are in place to prevent the injection of