All the vulnerabilities related to cisco - webex
var-201810-0625
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Crafted data in an ARF file can trigger an overflow of a heap-based buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0625", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 31", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "31.23.4" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.20" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.21" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.19" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.23" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.17" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.22" }, { "model": "webex business suite 33", "scope": "eq", 
"trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.23.0" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings 
online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_31:*:*:*:*:*:*:*:*", 
"cpe_name": [], "versionEndExcluding": "31.23.4", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15409" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" } ], "trust": 0.7 }, "cve": "CVE-2018-15409", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-15409", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-125665", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15409", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15409", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15409", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-200", "trust": 0.6, "value": "HIGH" }, { "author": 
"VULHUB", "id": "VHN-125665", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "VULHUB", "id": "VHN-125665" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Crafted data in a ARF file can trigger an overflow of a heap-based buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125665" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15409", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-011465", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6311", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1119", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-200", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125665", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "VULHUB", "id": "VHN-125665" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "id": "VAR-201810-0625", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125665" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.445000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85414" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125665" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15409" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15409" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "VULHUB", "id": "VHN-125665" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1119" }, { "db": "VULHUB", "id": "VHN-125665" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "db": "NVD", "id": "CVE-2018-15409" }, { "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1119" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125665" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2019-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "date": "2018-10-05T14:29:09.373000", "db": "NVD", "id": "CVE-2018-15409" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1119" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125665" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2019-01-15T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-011465" }, { "date": "2019-10-09T23:35:33.377000", "db": "NVD", "id": "CVE-2018-15409" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-200" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-200" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-011465" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-200" } ], "trust": 0.6 } }
var-200912-0439
Vulnerability from variot
Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file. atrpui.dll in the Cisco WebEx WRF Player contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode). The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - Complete
    Availability Impact - Complete

CVSS Temporal Score - 7.7
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF file hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release; for example, if release 27.10.1 is fixed, then release 27.10.2 will also have the fix.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+
| Revision 1.0 | 2009-December-16 | Initial public release   |
+------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2009 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Dec 16, 2009 Document ID: 110946
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs
IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh
=KaHv
-----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0439", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2880" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-263" } ], "trust": 0.6 }, "cve": "CVE-2009-2880", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2880", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40326", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2880", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-263", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40326", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40326" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service 
(application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx WRF Player of atrpui.dll Contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. \n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. \n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. 
The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. \n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. The\nvulnerability cannot be triggered by users attending a WebEx meeting. 
\n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. 
\n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. \n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. 
\n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. 
\n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40326" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2880", "trust": 2.9 }, { "db": "BID", "id": "37352", "trust": 2.8 }, { "db": "SECUNIA", "id": "37810", "trust": 2.6 }, { "db": "SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "OSVDB", "id": "61130", "trust": 2.5 }, { 
"db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54995", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-002687", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-263", "trust": 0.7 }, { "db": "XF", "id": "54841", "trust": 0.6 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-40326", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40326" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "id": "VAR-200912-0439", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40326" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.479000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002687" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40326" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "NVD", "id": "CVE-2009-2880" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.5, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.7, "url": 
"http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.7, "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "trust": 1.7, "url": "http://www.osvdb.org/61130" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2880" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/54995" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2880" }, { "trust": 0.8, "url": "http://osvdb.org/61130" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": 
"/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." 
}, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." }, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40326" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40326" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2880" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40326" }, { "date": 
"2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.483000", "db": "NVD", "id": "CVE-2009-2880" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-40326" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002687" }, { "date": "2017-08-17T01:30:56.740000", "db": "NVD", "id": "CVE-2009-2880" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-263" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-263" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of atrpui.dll Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002687" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-263" } ], "trust": 0.6 } }
var-202011-1021
Vulnerability from variot
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper initialization of a pointer prior to accessing it.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1021", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "40.6.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, 
"vendor": "cisco", "version": "40.6.11" }, { "model": "webex meetings", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "40.7.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "40.8.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "cisco webex meetings server", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco webex meetings", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.8.0", "versionStartIncluding": "40.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3_service_pack_3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.6.11", "versionStartIncluding": "40.6.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-3573" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Francis Provencher {PRL}", "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" } ], "trust": 0.7 }, "cve": "CVE-2020-3573", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", 
"obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2020-3573", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-181698", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-3573", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": 
"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-3573", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-3573", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2020-3573", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2020-3573", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202011-342", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-181698", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2020-3573", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULHUB", "id": "VHN-181698" }, { "db": "VULMON", "id": "CVE-2020-3573" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). 
An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper initialization of a pointer prior to accessing it", "sources": [ { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULHUB", "id": "VHN-181698" }, { "db": "VULMON", "id": "CVE-2020-3573" } ], "trust": 2.43 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-3573", "trust": 3.3 }, { "db": "ZDI", "id": "ZDI-20-1362", "trust": 2.4 }, { "db": "JVNDB", "id": "JVNDB-2020-013362", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-11176", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202011-342", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.3855", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-181698", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2020-3573", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULHUB", "id": "VHN-181698" }, { "db": "VULMON", "id": "CVE-2020-3573" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "id": "VAR-202011-1021", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-181698" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:16:43.614000Z", "patch": 
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-webex-nbr-NOS6FQ24", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "title": "Cisco Webex Network Recording Player Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=133200" }, { "title": "Cisco: Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-webex-nbr-nos6fq24" }, { "title": "", "trust": 0.1, "url": "https://github.com/explangcn/fuyao-go " } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULMON", "id": "CVE-2020-3573" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-665", "trust": 1.1 }, { "problemtype": "Buffer error (CWE-119) [NVD Evaluation ]", "trust": 0.8 }, { "problemtype": "CWE-119", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-181698" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "trust": 1.7, 
"url": "https://www.zerodayinitiative.com/advisories/zdi-20-1362/" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3573" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3855/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULHUB", "id": "VHN-181698" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-20-1362" }, { "db": "VULHUB", "id": "VHN-181698" }, { "db": "VULMON", "id": "CVE-2020-3573" }, { "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "db": "NVD", "id": "CVE-2020-3573" }, { "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1362" }, { "date": "2020-11-06T00:00:00", "db": "VULHUB", "id": "VHN-181698" }, { "date": "2020-11-06T00:00:00", "db": "VULMON", "id": "CVE-2020-3573" }, { "date": "2021-06-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "date": "2020-11-06T19:15:14.750000", "db": "NVD", "id": "CVE-2020-3573" }, { "date": "2020-11-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202011-342" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1362" }, { "date": "2021-10-19T00:00:00", "db": "VULHUB", "id": "VHN-181698" }, { "date": "2021-10-19T00:00:00", "db": "VULMON", "id": "CVE-2020-3573" }, { "date": "2021-06-28T08:08:00", "db": "JVNDB", "id": "JVNDB-2020-013362" }, { "date": "2023-11-07T03:22:56.073000", "db": "NVD", "id": "CVE-2020-3573" }, { "date": "2021-10-20T00:00:00", "db": "CNNVD", 
"id": "CNNVD-202011-342" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-342" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows\u00a0 for \u00a0Cisco\u00a0Webex\u00a0Network\u00a0Recording\u00a0Player\u00a0 and \u00a0Cisco\u00a0Webex\u00a0Player\u00a0 Buffer Error Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-013362" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-342" } ], "trust": 0.6 } }
var-201711-0382
Vulnerability from variot
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf49650, CSCvg54853, CSCvg54856, CSCvf49697, CSCvg54861, CSCvf49707, CSCvg54867. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvf49650, CSCvg54853, CSCvg54856, CSCvf49697, CSCvg54861, CSCvf49707 and CSCvg54867. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of ARF files. Crafted data in an ARF file can trigger access to memory prior to initialization. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Cisco WebEx Products are prone to the following security vulnerabilities: 1. Multiple remote code-execution vulnerabilities 2. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx Business Suite (WBS30) client and so on are the client software of Cisco's video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2; WebEx Meetings with client builds prior to T31.14; WebEx Meeting Server builds prior to 2.7MR3.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0382", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": null, "trust": 2.8, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t31" }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", 
"version": "t30" }, { "model": "webex business suite client", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "0" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings client", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meeting server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite client t31.10", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.17", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings client t31.14", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meeting server 2.7mr3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t32.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t31.14.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-12371" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Offensive Security", "sources": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" } ], "trust": 2.8 }, "cve": "CVE-2017-12371", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2017-12371", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 3.6, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": 
"PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-102887", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.6, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-12371", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "ZDI", "id": "CVE-2017-12371", "trust": 2.8, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-12371", "trust": 1.8, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201711-1144", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-102887", "trust": 0.1, "value": 
"MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "VULHUB", "id": "VHN-102887" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A \"Cisco WebEx Network Recording Player Remote Code Execution Vulnerability\" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf49650, CSCvg54853, CSCvg54856, CSCvf49697, CSCvg54861, CSCvf49707, CSCvg54867. Vendors have confirmed this vulnerability Bug ID CSCvf49650 , CSCvg54853 , CSCvg54856 , CSCvf49697 , CSCvg54861 , CSCvf49707 and CSCvg54867 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of ARF files. Crafted data in an ARF file can trigger access to memory prior to initialization. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Cisco WebEx Products are prone to the following security vulnerabilities:\n1. Multiple remote code-execution vulnerabilities\n2. 
Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx Business Suite (WBS30) client and so on are the client software of Cisco\u0027s video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2 versions before WebEx Meetings with client builds prior to T31.14; versions prior to WebEx Meeting Server builds 2.7MR3", "sources": [ { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "BID", "id": "102017" }, { "db": "VULHUB", "id": "VHN-102887" } ], "trust": 4.5 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12371", "trust": 5.7 }, { "db": "BID", "id": "102017", "trust": 2.0 }, { "db": "SECTRACK", "id": "1039895", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2017-010394", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4914", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-930", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5009", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-932", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4986", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-937", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4987", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-931", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201711-1144", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-102887", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "145176", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-930" 
}, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "VULHUB", "id": "VHN-102887" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "id": "VAR-201711-0382", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-102887" } ], "trust": 0.6857143 }, "last_update_date": "2023-12-18T12:44:20.670000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20171129-webex-players", "trust": 3.6, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "title": "Multiple Cisco product WebEx Recording Format Player and Advanced Recording Format Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76799" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-102887" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "NVD", "id": "CVE-2017-12371" } ] }, "references": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 4.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/102017" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1039895" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12371" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12371" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12372" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12369" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12367" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12370" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "VULHUB", "id": "VHN-102887" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-17-930" }, { "db": "ZDI", "id": "ZDI-17-932" }, { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" }, { "db": "VULHUB", "id": "VHN-102887" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12371" }, { "db": "CNNVD", "id": 
"CNNVD-201711-1144" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-930" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-932" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-937" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-931" }, { "date": "2017-11-30T00:00:00", "db": "VULHUB", "id": "VHN-102887" }, { "date": "2017-11-29T00:00:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "date": "2017-12-01T03:05:38", "db": "PACKETSTORM", "id": "145176" }, { "date": "2017-11-30T09:29:01.683000", "db": "NVD", "id": "CVE-2017-12371" }, { "date": "2017-11-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-930" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-932" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-937" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-931" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-102887" }, { "date": "2017-12-19T22:01:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010394" }, { "date": "2019-10-09T23:23:02.230000", "db": "NVD", "id": "CVE-2017-12371" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1144" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1144" } ], "trust": 0.6 }, "title": { "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-17-937" }, { "db": "ZDI", "id": "ZDI-17-931" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1144" } ], "trust": 0.6 } }
var-201210-0313
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play back WebEx meeting recordings that participants have saved on their computers. ----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DISCUSS ADVISORY: http://secunia.com/advisories/50905/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50905/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * T28 client builds prior to T28.4 (28.4) * T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0313", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3936" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3936", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3936", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57217", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3936", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-233", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57217", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57217" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play the WebEx meeting records recorded by participants on their computers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57217" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3936", "trust": 2.8 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "OSVDB", "id": "86141", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005131", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-233", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-57217", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57217" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "id": "VAR-201210-0313", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-57217" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.331000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" }, { "title": "atrecply", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45107" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57217" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "NVD", "id": "CVE-2012-3936" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86141" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3936" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3936" }, { "trust": 0.6, "url": 
"http://secunia.com/advisories/50905" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57217" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-57217" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3936" }, { "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57217" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { 
"date": "2012-10-25T14:55:01.327000", "db": "NVD", "id": "CVE-2012-3936" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57217" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005131" }, { "date": "2013-05-04T03:20:03.580000", "db": "NVD", "id": "CVE-2012-3936" }, { "date": "2012-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-233" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-233" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005131" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-233" } ], "trust": 0.6 } }
var-201307-0523
Vulnerability from variot
Cisco WebEx is a set of Web conferencing tools from Cisco in the United States. These tools help remote office staff coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing, and enterprise instant messaging (IM). An information disclosure vulnerability exists in the Cisco WebEx One-Click Client. An attacker could use this vulnerability to obtain sensitive information, such as stored passwords, which may aid further attacks.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201307-0523", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": 
null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.26" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28.4" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28.1.0" }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.32.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.00" } ], "sources": [ { "db": "BID", "id": "61304" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Brad Antoniewicz of Open Security Research", "sources": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ], "trust": 0.9 }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx is a set of Web conferencing tools from Cisco in the United States. This tool can assist remote office staff to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing, and enterprise instant messaging (IM). \nAn information disclosure vulnerability exists in the Cisco WebEx One-Click Client. 
An attacker could use this vulnerability to gain sensitive information, such as stored passwords, which can help launch further attacks", "sources": [ { "db": "CNNVD", "id": "CNNVD-201307-547" }, { "db": "BID", "id": "61304" } ], "trust": 0.81 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "BID", "id": "61304", "trust": 0.9 }, { "db": "CNNVD", "id": "CNNVD-201307-547", "trust": 0.6 } ], "sources": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ] }, "id": "VAR-201307-0523", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.6076922866666666 }, "last_update_date": "2022-05-17T02:09:06.481000Z", "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 0.6, "url": "http://www.securityfocus.com/bid/61304" }, { "trust": 0.3, "url": "http://www.cisco.com/web/products/quad/index.html" }, { "trust": 0.3, "url": "https://github.com/opensecurityresearch/onedecrypt/" }, { "trust": 0.3, "url": "http://blog.opensecurityresearch.com/2013/07/quick-reversing-webex-one-click.html" } ], "sources": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ] }, "sources_release_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-07-09T00:00:00", "db": "BID", "id": "61304" }, { "date": "2013-07-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201307-547" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-07-09T00:00:00", "db": "BID", "id": "61304" }, { "date": "2013-07-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201307-547" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx One-Click Client Password Encryption Information Disclosure Vulnerability", "sources": [ { "db": "BID", "id": "61304" }, { "db": "CNNVD", "id": "CNNVD-201307-547" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201307-547" } ], "trust": 0.6 } }
var-201206-0108
Vulnerability from variot
Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted ARF file, aka Bug ID CSCtz72985. The Cisco WebEx Advanced Recording Format (ARF) player contains a buffer overflow vulnerability, tracked as Bug ID CSCtz72985; a third party may be able to execute arbitrary code via a crafted ARF file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can help office workers in different places coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
----------------------------------------------------------------------
TITLE: Cisco WebEx Player ARF Processing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA49751
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49751/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49751
RELEASE DATE: 2012-06-28
DISCUSS ADVISORY: http://secunia.com/advisories/49751/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/49751/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=49751
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in WebEx Advanced Recording Format Player, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused by an unspecified error when processing ARF files. No further information is currently available.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is reported in the following versions: * Client builds 28.0.0 (T28 L10N). * Client builds 27.32.1 (T27 LD SP32 CP1) and prior. * Client builds 27.25.10 (T27 LC SP25 EP10) and prior. * Client builds 27.21.10 (T27 LB SP21 EP10) and prior. * Client builds 27.11.26 (T27 L SP11 EP26) and prior.
SOLUTION: Update to a fixed client build (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense and Microsoft Vulnerability Research (MSVR).
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0108", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex advanced recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex advanced recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex advanced recording format 
player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.11.0" }, { "model": "webex advanced recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.25.0" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex advanced recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "28.0.1" }, { "model": "webex advanced recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.21.0" }, { "model": "webex advanced recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.32.0" }, { "model": "webex advanced recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.25.10 (t27 lc sp25 ep10)" }, { "model": "webex advanced recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.32.1 (t27 ld sp32 cp1)" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "client builds 28.0.0 (t28 l 10n)" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": 
"cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (ma t27 ld sp32", 
"scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0", "vulnerable": true 
} ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3053" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iDefense and Microsoft Vulnerability Research (MSVR)", "sources": [ { "db": "BID", "id": "54213" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ], "trust": 0.9 }, "cve": "CVE-2012-3053", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3053", "impactScore": null, "integrityImpact": "Complete", 
"obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-56334", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3053", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201206-525", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-56334", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-56334" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted ARF file, aka Bug ID CSCtz72985. Cisco WebEx Advanced Recording Format (ARF) player Contains a buffer overflow vulnerability. The problem is Bug ID CSCtz72985 It is a problem.Skillfully crafted by a third party ARF An arbitrary code may be executed via the file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. 
\nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player ARF Processing Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA49751\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49751/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49751\n\nRELEASE DATE:\n2012-06-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49751/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49751/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49751\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA 
vulnerability has been reported in WebEx Advanced Recording Format\nPlayer, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\nThe vulnerability is caused due to an unspecified error when\nprocessing ARF files. No further information is currently available. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is reported in the following versions:\n* Client builds 28.0.0 (T28 L10N). \n* Client builds 27.32.1 (T27 LD SP32 CP1) and prior. \n* Client builds 27.25.10 (T27 LC SP25 EP10) and prior. \n* Client builds 27.21.10 (T27 LB SP21 EP10) and prior. \n* Client builds 27.11.26 (T27 L SP11 EP26) and prior. \n\nSOLUTION:\nUpdate to a fixed client build (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDefense and Microsoft Vulnerability Research\n(MSVR). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "BID", "id": "54213" }, { "db": "VULHUB", "id": "VHN-56334" }, { "db": "PACKETSTORM", "id": "114289" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3053", "trust": 2.8 }, { "db": "BID", "id": "54213", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2012-002941", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201206-525", "trust": 0.7 }, { "db": "SECUNIA", "id": "49751", "trust": 0.7 }, { "db": "CISCO", "id": "20120627 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19900", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-56334", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114289", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56334" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "PACKETSTORM", "id": "114289" }, { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "id": 
"VAR-201206-0108", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-56334" } ], "trust": 0.7296153719999999 }, "last_update_date": "2023-12-18T12:10:04.619000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "title": "26205", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26205" }, { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115508_cisco-sa-20120627-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002941" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56334" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "NVD", "id": "CVE-2012-3053" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3053" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3053" }, { 
"trust": 0.6, "url": "http://secunia.com/advisories/49751" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/54213" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19900" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49751" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49751/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49751/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56334" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "PACKETSTORM", "id": "114289" }, { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-56334" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "db": "PACKETSTORM", "id": "114289" }, { "db": "NVD", "id": "CVE-2012-3053" }, { "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-06-29T00:00:00", "db": "VULHUB", "id": "VHN-56334" }, { "date": "2012-06-27T00:00:00", "db": "BID", "id": 
"54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "date": "2012-06-28T06:12:20", "db": "PACKETSTORM", "id": "114289" }, { "date": "2012-06-29T14:55:01.017000", "db": "NVD", "id": "CVE-2012-3053" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-03T00:00:00", "db": "VULHUB", "id": "VHN-56334" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002941" }, { "date": "2018-12-03T13:42:31.243000", "db": "NVD", "id": "CVE-2012-3053" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-525" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-525" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Advanced Recording Format player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002941" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-525" } ], "trust": 0.6 } }
var-201711-0381
Vulnerability from variot
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084, CSCvg54850. Vendors have confirmed this vulnerability and released it as Bug IDs CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084 and CSCvg54850. Information may be obtained or altered, and service operation may be disrupted (DoS). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Cisco WebEx Products are prone to the following security vulnerabilities: 1. Multiple remote code-execution vulnerabilities 2. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx Business Suite (WBS30) client and related products are client software for Cisco's video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2; WebEx Meetings with client builds prior to T31.14; WebEx Meeting Server builds prior to 2.7MR3
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0381", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": null, "trust": 2.1, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t31" }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", 
"version": "t30" }, { "model": "webex business suite client", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "0" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings client", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meeting server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite client t31.10", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.17", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings client t31.14", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meeting server 2.7mr3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t32.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t31.14.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings:t31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-12370" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Offensive Security", "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" } ], "trust": 2.1 }, "cve": "CVE-2017-12370", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2017-12370", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 2.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, 
"confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-102886", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.6, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-12370", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "ZDI", "id": "CVE-2017-12370", "trust": 2.1, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-12370", "trust": 1.8, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201711-1143", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-102886", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { 
"db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "VULHUB", "id": "VHN-102886" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A \"Cisco WebEx Network Recording Player Remote Code Execution Vulnerability\" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084, CSCvg54850. Vendors have confirmed this vulnerability Bug ID CSCvf38060 , CSCvg54836 , CSCvf38077 , CSCvg54843 , CSCvf38084 and CSCvg54850 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. Multiple Cisco WebEx Products are prone to the following security vulnerabilities:\n1. Multiple remote code-execution vulnerabilities\n2. Failed exploit attempts will likely result in denial-of-service conditions. 
Cisco WebEx Business Suite (WBS30) client and so on are the client software of Cisco\u0027s video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2 versions before WebEx Meetings with client builds prior to T31.14; versions prior to WebEx Meeting Server builds 2.7MR3", "sources": [ { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "BID", "id": "102017" }, { "db": "VULHUB", "id": "VHN-102886" } ], "trust": 3.87 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12370", "trust": 5.0 }, { "db": "BID", "id": "102017", "trust": 2.0 }, { "db": "SECTRACK", "id": "1039895", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2017-010393", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4989", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-935", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4988", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-936", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4990", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-934", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201711-1143", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-102886", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "145176", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "VULHUB", "id": "VHN-102886" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "PACKETSTORM", 
"id": "145176" }, { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "id": "VAR-201711-0381", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-102886" } ], "trust": 0.6857143 }, "last_update_date": "2023-12-18T12:44:20.756000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20171129-webex-players", "trust": 2.9, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "title": "Multiple Cisco product WebEx Recording Format Player and Advanced Recording Format Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76798" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-102886" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "NVD", "id": "CVE-2017-12370" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 4.1, "url": 
"https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/102017" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1039895" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12370" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12370" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12372" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12369" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12367" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12371" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "VULHUB", "id": "VHN-102886" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" }, { "db": "VULHUB", "id": "VHN-102886" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12370" }, { "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-935" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-936" }, { 
"date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-934" }, { "date": "2017-11-30T00:00:00", "db": "VULHUB", "id": "VHN-102886" }, { "date": "2017-11-29T00:00:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "date": "2017-12-01T03:05:38", "db": "PACKETSTORM", "id": "145176" }, { "date": "2017-11-30T09:29:01.650000", "db": "NVD", "id": "CVE-2017-12370" }, { "date": "2017-11-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-935" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-936" }, { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-934" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-102886" }, { "date": "2017-12-19T22:01:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010393" }, { "date": "2019-10-09T23:23:02.107000", "db": "NVD", "id": "CVE-2017-12370" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1143" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1143" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recorder and Player WRF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-17-935" }, { "db": "ZDI", "id": "ZDI-17-936" }, { "db": "ZDI", "id": "ZDI-17-934" } ], "trust": 2.1 }, "type": { "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1143" } ], "trust": 0.6 } }
var-201706-0585
Vulnerability from variot
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch the file. Exploitation of these vulnerabilities could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. The Cisco WebEx Network Recording Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee. The player can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The following client builds are affected by this vulnerability: Cisco WebEx Business Suite (WBS29) client builds prior to T29.13.130, Cisco WebEx Business Suite (WBS30) client builds prior to T30.17, Cisco WebEx Business Suite (WBS31) client builds prior to T31.10. Cisco Bug IDs: CSCvc47758, CSCvc51227, CSCvc51242. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvc47758, CSCvc51227, and CSCvc51242. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. A buffer overflow vulnerability exists in Cisco WebEx Network Recording Player. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Versions prior to 10
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201706-0585", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex business suite client", "scope": "eq", "trust": 2.7, "vendor": "cisco", "version": "0" }, { "model": "webex", "scope": null, "trust": 2.1, "vendor": "cisco", "version": null }, { "model": "webex advanced recording format player", "scope": "eq", 
"trust": 1.0, "vendor": "cisco", "version": "29.10" }, { "model": "webex meetings player t29.10", "scope": null, "trust": 0.9, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "0" }, { "model": "webex advanced recording format player", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex arf player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "29.10_base" }, { "model": "webex business suite client t31.10", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.17", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t29.13.130", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "BID", "id": "99196" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:29.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-6669" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley of Source Incite", "sources": [ { "db": "ZDI", "id": 
"ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" } ], "trust": 2.1 }, "cve": "CVE-2017-6669", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2017-6669", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 2.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "PARTIAL", 
"baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CNVD-2017-16244", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-114872", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-6669", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "ZDI", "id": "CVE-2017-6669", "trust": 2.1, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2017-6669", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2017-16244", "trust": 0.6, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201706-951", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-114872", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": 
"ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "VULHUB", "id": "VHN-114872" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch the file. Exploitation of these vulnerabilities could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. The Cisco WebEx Network Recording Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee. The player can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The following client builds are affected by this vulnerability: Cisco WebEx Business Suite (WBS29) client builds prior to T29.13.130, Cisco WebEx Business Suite (WBS30) client builds prior to T30.17, Cisco WebEx Business Suite (WBS31) client builds prior to T31.10. Cisco Bug IDs: CSCvc47758 CSCvc51227 CSCvc51242. Vendors have confirmed this vulnerability Bug ID CSCvc47758 , CSCvc51227 ,and CSCvc51242 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of validating the existence of an object prior to performing operations on the object. 
An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. A buffer overflow vulnerability exists in Cisco WebExNetworkRecordingPlayer. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Versions prior to 10", "sources": [ { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "BID", "id": "99196" }, { "db": "VULHUB", "id": "VHN-114872" } ], "trust": 4.41 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-6669", "trust": 5.5 }, { "db": "BID", "id": "99196", "trust": 2.6 }, { "db": "SECTRACK", "id": "1038737", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2017-005144", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4277", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-442", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4279", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-444", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4278", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-443", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201706-951", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2017-16244", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-114872", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "VULHUB", "id": "VHN-114872" }, { "db": "BID", "id": "99196" }, { "db": "JVNDB", "id": 
"JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "id": "VAR-201706-0585", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "VULHUB", "id": "VHN-114872" } ], "trust": 1.3125 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2017-16244" } ] }, "last_update_date": "2023-12-18T13:08:49.635000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20170621-wnrp", "trust": 2.9, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170621-wnrp" }, { "title": "Patch for CiscoWebExCiscoWebExNetworkRecordingPlayer Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/98683" }, { "title": "Cisco WebEx Network Recording Player Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=71173" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-114872" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 4.1, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170621-wnrp" }, { "trust": 2.3, "url": "http://www.securityfocus.com/bid/99196" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1038737" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6669" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-6669" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "VULHUB", "id": "VHN-114872" }, { "db": "BID", "id": "99196" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-17-442" }, { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" }, { "db": "CNVD", "id": "CNVD-2017-16244" }, { "db": "VULHUB", "id": "VHN-114872" }, { "db": "BID", "id": "99196" }, { "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "db": "NVD", "id": "CVE-2017-6669" }, { "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": 
"2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-442" }, { "date": "2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-444" }, { "date": "2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-443" }, { "date": "2017-07-24T00:00:00", "db": "CNVD", "id": "CNVD-2017-16244" }, { "date": "2017-06-26T00:00:00", "db": "VULHUB", "id": "VHN-114872" }, { "date": "2017-06-21T00:00:00", "db": "BID", "id": "99196" }, { "date": "2017-07-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "date": "2017-06-26T07:29:00.230000", "db": "NVD", "id": "CVE-2017-6669" }, { "date": "2017-06-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-442" }, { "date": "2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-444" }, { "date": "2017-06-23T00:00:00", "db": "ZDI", "id": "ZDI-17-443" }, { "date": "2017-07-24T00:00:00", "db": "CNVD", "id": "CNVD-2017-16244" }, { "date": "2017-07-07T00:00:00", "db": "VULHUB", "id": "VHN-114872" }, { "date": "2017-06-21T00:00:00", "db": "BID", "id": "99196" }, { "date": "2017-07-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-005144" }, { "date": "2021-04-06T13:31:26.063000", "db": "NVD", "id": "CVE-2017-6669" }, { "date": "2021-04-07T00:00:00", "db": "CNNVD", "id": "CNNVD-201706-951" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201706-951" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Network Recording Player ARF File Memory Corruption Remote Code Execution 
Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-17-444" }, { "db": "ZDI", "id": "ZDI-17-443" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201706-951" } ], "trust": 0.6 } }
var-201801-1055
Vulnerability from variot
A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Successful exploitation could allow the attacker to execute arbitrary code on the user's system. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCvg78853, CSCvg78856, CSCvg78857. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvg78853, CSCvg78856, and CSCvg78857. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). While opening an ARF file, WebEx Network Recording Player loads a DLL from an unqualified path.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1055", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings t31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t30", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings t32.9", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t32", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t31.20.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "BID", "id": "102382" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": 
[], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_network_recording_player:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0104" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Offensive Security", "sources": [ { "db": "ZDI", "id": "ZDI-18-008" } ], "trust": 0.7 }, "cve": "CVE-2018-0104", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": 
true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-0104", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-0104", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-118306", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, { 
"attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.6, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-0104", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0104", "trust": 1.8, "value": "CRITICAL" }, { "author": "ZDI", "id": "CVE-2018-0104", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201801-205", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-118306", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "VULHUB", "id": "VHN-118306" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Successful exploitation could allow the attacker to execute arbitrary code on the user\u0027s system. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCvg78853, CSCvg78856, CSCvg78857. 
Vendors have confirmed this vulnerability Bug ID CSCvg78853 , CSCvg78856 ,and CSCvg78857 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. While opening an ARF file, WebEx Network Recording Player loads a DLL from an unqualified path", "sources": [ { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "BID", "id": "102382" }, { "db": "VULHUB", "id": "VHN-118306" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0104", "trust": 3.5 }, { "db": "BID", "id": "102382", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2018-001272", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5008", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-008", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201801-205", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118306", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "VULHUB", "id": "VHN-118306" }, { "db": "BID", "id": "102382" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "id": "VAR-201801-1055", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118306" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:29:02.114000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180103-warfp", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180103-warfp" }, { "title": "Multiple Cisco product WebEx ARF player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77520" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118306" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180103-warfp" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/102382" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0104" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0104" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": "VULHUB", "id": "VHN-118306" }, { "db": "BID", "id": "102382" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-008" }, { "db": 
"VULHUB", "id": "VHN-118306" }, { "db": "BID", "id": "102382" }, { "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "db": "NVD", "id": "CVE-2018-0104" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-03T00:00:00", "db": "ZDI", "id": "ZDI-18-008" }, { "date": "2018-01-04T00:00:00", "db": "VULHUB", "id": "VHN-118306" }, { "date": "2018-01-03T00:00:00", "db": "BID", "id": "102382" }, { "date": "2018-02-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "date": "2018-01-04T06:29:00.387000", "db": "NVD", "id": "CVE-2018-0104" }, { "date": "2018-01-05T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-03T00:00:00", "db": "ZDI", "id": "ZDI-18-008" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118306" }, { "date": "2018-01-03T00:00:00", "db": "BID", "id": "102382" }, { "date": "2018-02-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001272" }, { "date": "2019-10-09T23:31:14.533000", "db": "NVD", "id": "CVE-2018-0104" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-205" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201801-205" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Network Recording Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-001272" } ], "trust": 0.8 }, 
"type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Input Validation Error", "sources": [ { "db": "BID", "id": "102382" }, { "db": "CNNVD", "id": "CNNVD-201801-205" } ], "trust": 0.9 } }
var-201110-0449
Vulnerability from variot
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within atdl2006.dll. The vulnerability is caused by lack of validation when parsing WRF files. A specially crafted WRF file will cause the application to incorrectly push a size value to a memcpy, allowing for corruption of heap memory. An attacker can leverage this vulnerability to execute arbitrary code on the target system under the context of the current user. Cisco WebEx is a web conferencing solution. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. Failed exploit attempts may result in a denial-of-service condition.
The specific flaw exists within atdl2006.dll. More details can be found at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
-
-- Disclosure Timeline:
2011-05-25 - Vulnerability reported to vendor
2011-12-07 - Coordinated public release of advisory
-
-- Credit: This vulnerability was discovered by:
-
Aniway (Aniway.Anyway@gmail.com)
-
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product. ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF File Processing Vulnerabilities
SECUNIA ADVISORY ID: SA46607
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46607
RELEASE DATE: 2011-10-28
DESCRIPTION: Two vulnerabilities have been reported in Cisco WebEx Player, which can be exploited by malicious people to compromise a user's system.
SOLUTION: Update to a fixed version (Please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits TippingPoint. 2) Aniway and Anonymous via ZDI.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-308/
.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from www.webex.com
If the WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
Note: Effective October 18, 2011, Cisco moved the current list of Cisco Security Advisories and Responses published by Cisco PSIRT. The new location is http://tools.cisco.com/security/center/publicationListing You can also navigate to this page from the Cisco Products and Services menu of the Cisco Security Intelligence Operations (SIO) Portal. Following this transition, new Cisco Security Advisories and Responses will be published to the new location. Although the URL has changed, the content of security documents and the vulnerability policy are not impacted. Cisco will continue to disclose security vulnerabilities in accordance with the published Security Vulnerability Policy.
Affected Products
The vulnerabilities disclosed in this advisory affect the Cisco WRF players. The Microsoft Windows, Apple Mac OS X, and Linux versions of the players are all affected. Review the following table for the list of releases that contain the nonvulnerable code. Affected versions of the players are those prior to client build T26 SP49 EP40 and T27 SP28. These build numbers are available only to WebEx site administrators. End users will see a version such as "Client build: 27.25.4.11889." This indicates the server is running software version T27 SP25 EP4.
To determine whether a Cisco WebEx meeting site is running an affected version of the WebEx client build, users can log in to their Cisco WebEx meeting site and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html. If the player is no longer needed, it can be removed using the "Mac Cisco-WebEx Uninstaller" or "Meeting Services Removal tool" available at support.webex.com/support/downloads.html.
Users can manually verify the installed version of the WRF player to determine whether it is affected by these vulnerabilities. To do so, an administrator must examine the version numbers of the installed files and determine whether the version of the file contains the fixed code. Detailed instructions on how to verify the version numbers are provided in the following sections.
The following tables provide the first nonvulnerable version of each object.
Microsoft Windows
+----------------
Two dynamically linked libraries (DLLs) were updated on the Microsoft Windows platform to address the vulnerabilities that are described in this advisory. These files are in the folder C:\Program Files\WebEx\Record Playback or C:\Program Files (x86)\Webex\Record Player. The version number of a DLL can be obtained by browsing the Record Playback directory in Windows Explorer, right-clicking on the file name, and choosing Properties. The Version or Details tab of the Properties page provides details on the library version. The following table gives the first fixed version number for each DLL. If the installed versions are equal to or greater than the versions provided in the table, the system is not vulnerable.
+----------------------------------------------------------------------------+
| Library      | T26 SP49    | T27 SP11   | T27 SP21 | T27 SP25 | T27 SP28   |
|              | EP40        | EP26       | EP9      | EP3      |            |
|--------------+-------------+------------+----------+----------+------------|
| atas32.dll   | Not         | 2.6.11.0   | 2.6.21.5 | 2.6.25.0 | 2.6.28.0   |
|              | vulnerable  |            |          |          |            |
|--------------+-------------+------------+----------+----------+------------|
| atdl2006.dll | 2.5.49.4000 | 2.6.1123.1 | 2.6.21.1 | 2.6.20.0 | Not        |
|              |             |            |          |          | vulnerable |
+----------------------------------------------------------------------------+
Mac
+--
A package bundle was updated on the Macintosh platform to address the vulnerabilities that are described in this advisory. This file is in each user's home directory, which can be accessed in ~/Library/Application Support/WebEx Folder/824 for systems connected to servers running T26 and ~/Library/Application Support/WebEx Folder/924 for systems connected to servers running T27. The version can be obtained by browsing to the appropriate folder in Finder and control-clicking the filename. When the menu is displayed, select show package contents and then double-click the Info.plist file. The version number is shown at the bottom of the displayed table.
+--------------------------------------------------------------------------------+
| Bundle            | T26 SP49  | T27 SP11   | T27 SP21  | T27 SP25 | T27 SP28   |
|                   | EP40      | EP26       | EP9       | EP3      |            |
|-------------------+-----------+------------+-----------+----------+------------|
| asplayback.bundle | 6.0.49.40 | 6.10.11.25 | 6.10.21.9 | 6.0.25.3 | 5.25.27.28 |
+--------------------------------------------------------------------------------+
Linux
A shared object was updated on the Linux platform to address the vulnerabilities that are described in this advisory. This file is in the ~/.webex directory. The version number of the shared object can be obtained by performing a directory listing with the ls command. The version number is provided after the .so extension.
+---------------------------------------------------------------------------+
| Shared     | T26 SP49  | T27 SP11   | T27 SP21  | T27 SP25   | T27 SP28   |
| Object     | EP40      | EP26       | EP9       | EP3        |            |
|------------+-----------+------------+-----------+------------+------------|
| atascli.so | 1.0.26.41 | 1.11.27.15 | 1.0.27.17 | 1.25.27.17 | 1.28.27.17 |
+---------------------------------------------------------------------------+
Vulnerable Products +------------------
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF file format is used to store WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players are applications that are used to play back and edit recording files (files with a .wrf extension). The WRF players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site (for stream playback mode). The WRF players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode). The vulnerabilities cannot be triggered by users who are attending a WebEx meeting.
Vulnerability Scoring Details +----------------------------
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - Complete
    Availability Impact - Complete

CVSS Temporal Score - 7.7
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could cause the Cisco WRF player application to crash and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the WRF player application.
Software Versions and Fixes
When considering software upgrades, also consult: http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in the following versions:
- T26 SP49 EP40
- T27 FR20
- T27 SP11 EP23
- T27 SP21 EP9
- T27 SP23
- T27 SP25 EP3
- T27 SP28
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release T27 SP22 EP9 is fixed, release T27 SP22 EP23 will also have the software fix. End users will see a version such as "Client build: 27.25.4.11889." This indicates the server is running software version T27 SP25 EP4.
If a WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site.
If a WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html. If the player is no longer needed, it can be removed using the "Mac Cisco-WebEx Uninstaller" or "Meeting Services Removal tool" available at support.webex.com/support/downloads.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts +-------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Customers using Third Party Support Organizations +------------------------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Customers without Service Contracts +----------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were reported to Cisco by TippingPoint. Cisco would like to thank TippingPoint for reporting these vulnerabilities to us.
Status of this Notice: Final
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-teams@first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+-------------------------------------------------------------------+ | Revision 1.0 | 2011-October-26 | Initial public release | +-------------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices.
All Cisco security advisories are available at: http://www.cisco.com/go/psirt
+-------------------------------------------------------------------- Copyright 2010-2011 Cisco Systems, Inc. All rights reserved. +-------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS)
iFcDBQFOqCUXQXnnBKKRMNARCO+aAP9IbHs1VnWKq0GY3UPgGavVWYYrypo9uR2g S1eif/eNEQD7BRMCZrBRVyqMy2c0STwOH9IN35fyqGyLtlO/Nxv4geA= =eg2S -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201110-0449", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 1.8, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "eq", "trust": 1.8, "vendor": "cisco", "version": "27.00" }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 1.8, "vendor": "cisco", 
"version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 1.8, "vendor": "cisco", "version": null }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t26 sp49 ep40" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 sp28" }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex t27 
sp28", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os t27 sp28", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, 
"cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-3319" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "TippingPoint", "sources": [ { "db": "BID", "id": "50373" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ], "trust": 0.9 }, "cve": "CVE-2011-3319", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2011-3319", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2011-3319", "impactScore": 8.5, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-51264", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-3319", "trust": 1.8, "value": "HIGH" }, 
{ "author": "ZDI", "id": "CVE-2011-3319", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201110-652", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-51264", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "VULHUB", "id": "VHN-51264" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within atdl2006.dll. The vulnerability is caused by a lack of validation when parsing WRF files. A specially crafted WRF file will cause the application to incorrectly push a size value to a memcpy, allowing for corruption of heap memory. An attacker can leverage this vulnerability to execute arbitrary code on the target system under the context of the current user. Cisco WebEx is a web conferencing solution. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. \n\nThe specific flaw exists within atdl2006.dll. 
More details\ncan be found at:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\n\n\n- -- Disclosure Timeline:\n2011-05-25 - Vulnerability reported to vendor\n2011-12-07 - Coordinated public release of advisory\n\n- -- Credit:\nThis vulnerability was discovered by:\n\n* Aniway (Aniway.Anyway@gmail.com)\n\n\n\n- -- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. 
\n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF File Processing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA46607\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46607/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607\n\nRELEASE DATE:\n2011-10-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46607/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46607/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Cisco WebEx Player, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nSOLUTION:\nUpdate to a fixed version (Please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\n1) The vendor credits TippingPoint. \n2) Aniway and Anonymous via ZDI. 
\n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-308/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on a WebEx meeting\nsite or on the computer of an online meeting attendee. 
The players\ncan be automatically installed when the user accesses a recording\nfile that is hosted on a WebEx meeting site. The players can also be\nmanually installed for offline playback after downloading the\napplication from www.webex.com\n\nIf the WRF player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx meeting site. \nIf the WRF player was manually installed, users will need to manually\ninstall a new version of the player after downloading the latest\nversion from www.webex.com\n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at: \nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nNote: Effective October 18, 2011, Cisco moved the current list of\nCisco Security Advisories and Responses published by Cisco PSIRT. The\nnew location is http://tools.cisco.com/security/center/publicationListing\nYou can also navigate to this page from the Cisco\nProducts and Services menu of the Cisco Security Intelligence\nOperations (SIO) Portal. Following this transition, new Cisco\nSecurity Advisories and Responses will be published to the new\nlocation. Although the URL has changed, the content of security\ndocuments and the vulnerability policy are not impacted. Cisco will\ncontinue to disclose security vulnerabilities in accordance with the\npublished Security Vulnerability Policy. \n\nAffected Products\n=================\n\nThe vulnerabilities disclosed in this advisory affect the Cisco\nWRF players. The Microsoft Windows, Apple Mac OS X, and Linux\nversions of the players are all affected. Review the following\ntable for the list of releases that contain the nonvulnerable\ncode. Affected versions of the players are those prior to client\nbuild T26 SP49 EP40 and T27 SP28. These build numbers are\navailable only to WebEx site administrators. 
End users will see a\nversion such as \"Client build: 27.25.4.11889.\" This indicates the\nserver is running software version T27 SP25 EP4. \n\nTo determine whether a Cisco WebEx meeting site is running an\naffected version of the WebEx client build, users can log in to\ntheir Cisco WebEx meeting site and go to the Support \u003e Downloads\nsection. The version of the WebEx client build will be displayed\non the right side of the page under \"About Support Center.\" See\n\"Software Versions and Fixes\" for details. \n\nCisco recommends that users upgrade to the most current version\nof the player that is available from www.webex.com/\ndownloadplayer.html. If the player is no longer needed, it can be\nremoved using the \"Mac Cisco-WebEx Uninstaller\" or \"Meeting\nServices Removal tool\" available at support.webex.com/support/\ndownloads.html. \n\nUsers can manually verify the installed version of the WRF player\nto determine whether it is affected by these vulnerabilities. To\ndo so, an administrator must examine the version numbers of the\ninstalled files and determine whether the version of the file\ncontains the fixed code. Detailed instructions on how to verify\nthe version numbers are provided in the following sections. \n\nThe following tables provide the first nonvulnerable version of\neach object. \n\nMicrosoft Windows\n+----------------\nTwo dynamically linked libraries (DLLs) were updated on the\nMicrosoft Windows platform to address the vulnerabilities that\nare described in this advisory. These files are in the folder C:\\\nProgram Files\\WebEx\\Record Playback or C:\\Program Files (x86)\\\nWebex\\Record Player. The version number of a DLL can be obtained\nby browsing the Record Playback directory in Windows Explorer,\nright-clicking on the file name, and choosing Properties. The\nVersion or Details tab of the Properties page provides details on\nthe library version. The following table gives the first fixed\nversion number for each DLL. 
If the installed versions are equal\nto or greater than the versions provided in the table, the system\nis not vulnerable. \n\n+----------------------------------------------------------------------------+\n| Library | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| | EP40 | EP26 | EP9 | EP3 | |\n|--------------+-------------+------------+----------+----------+------------|\n| atas32.dll | Not | 2.6.11.0 | 2.6.21.5 | 2.6.25.0 | 2.6.28.0 |\n| | vulnerable | | | | |\n|--------------+-------------+------------+----------+----------+------------|\n| atdl2006.dll | 2.5.49.4000 | 2.6.1123.1 | 2.6.21.1 | 2.6.20.0 | Not |\n| | | | | | vulnerable |\n+----------------------------------------------------------------------------+\n \nMac\n+--\nA package bundle was updated on the Macintosh platform to\naddress the vulnerabilities that are described in this advisory. \nThis file is in each user\u0027s home directory, which can be accessed\nin ~/Library/Application Support/WebEx Folder/824 for systems\nconnected to servers running T26 and ~/Library/Application\nSupport/WebEx Folder/924 for systems connected to servers running\nT27. The version can be obtained by browsing to the appropriate\nfolder in Finder and control-clicking the filename. When the menu\nis displayed, select show package contents and then double-click\nthe Info.plist file. The version number is shown at the bottom of\nthe displayed table. \n\n+-------------------------------------------------------------------------------+\n| Bundle | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| | EP40 | EP26 | EP9 | EP3 | |\n|-------------------+-----------+------------+-----------+----------+------------|\n| asplayback.bundle | 6.0.49.40 | 6.10.11.25 | 6.10.21.9 | 6.0.25.3 | 5.25.27.28 |\n+-------------------------------------------------------------------------------+\n\nLinux\n\nA shared object was updated on the Linux platform to address the\nvulnerabilities that are described in this advisory. 
This file is\nin the ~/.webex directory. The version number of the shared\nobject can be obtained by performing a directory listing with the\nls command. The version number is provided after the .so\nextension. \n\n+---------------------------------------------------------------------------+\n| Shared | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| Object | EP40 | EP26 | EP9 | EP3 | |\n|------------+-----------+------------+-----------+------------+------------|\n| atascli.so | 1.0.26.41 | 1.11.27.15 | 1.0.27.17 | 1.25.27.17 | 1.28.27.17 |\n+---------------------------------------------------------------------------+\n\nVulnerable Products\n+------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF file\nformat is used to store WebEx meeting recordings that have been\nrecorded on a WebEx meeting site or on the computer of an online\nmeeting attendee. The players are applications that are used to play\nback and edit recording files (files with a .wrf extension). The WRF\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx meeting site (for stream\nplayback mode). The WRF players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html \nto play back recording files locally (for offline playback mode). The vulnerabilities cannot be triggered\nby users who are attending a WebEx meeting. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. 
\n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could cause the Cisco WRF player application to crash and,\nin some cases, allow a remote attacker to execute arbitrary code on\nthe system with the privileges of the user who is running the WRF\nplayer application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult:\nhttp://www.cisco.com/go/psirt and any subsequent advisories to \ndetermine exposure and a complete upgrade solution. \n\nThese vulnerabilities are first fixed in the following versions: \n\n * T26 SP49 EP40\n * T27 FR20\n * T27 SP11 EP23\n * T27 SP21 EP9\n * T27 SP23\n * T27 SP25 EP3\n * T27 SP28\n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. 
For example, if release T27 SP22 EP9 is fixed,\nrelease T27 SP22 EP23 will also have the software fix. End users\nwill see a version such as \"Client build: 27.25.4.11889.\" This\nindicates the server is running software version T27 SP25 EP4. \n\nIf a WRF player was automatically installed, it will be automatically\nupgraded to the latest, nonvulnerable version when users access a\nrecording file that is hosted on a WebEx meeting site. \n\nIf a WRF player was manually installed, users will need to manually\ninstall a new version of the player after downloading the latest\nversion from www.webex.com/downloadplayer.html. If the player is no\nlonger needed, it can be removed using the \"Mac Cisco-WebEx\nUninstaller\" or \"Meeting Services Removal tool\" available at \nsupport.webex.com/support/downloads.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at:\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html\nor as otherwise set forth at Cisco.com Downloads at:\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml\n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. 
\n\n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. \n\nCustomers without Service Contracts\n+----------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerabilities described in this advisory. \n\nThese vulnerabilities were reported to Cisco by TippingPoint. Cisco\nwould like to thank TippingPoint for reporting these vulnerabilities\nto us. \n\nStatus of this Notice: Final\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. 
\n\n * cust-security-announce@cisco.com\n * first-teams@first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\n\nRevision History\n================\n\n+-------------------------------------------------------------------+\n| Revision 1.0 | 2011-October-26 | Initial public release |\n+-------------------------------------------------------------------+\n\n\n \n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at:\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html\nThis includes instructions for press inquiries regarding Cisco \nsecurity notices. \n\nAll Cisco security advisories are available at: \nhttp://www.cisco.com/go/psirt\n\n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (SunOS)\n\niFcDBQFOqCUXQXnnBKKRMNARCO+aAP9IbHs1VnWKq0GY3UPgGavVWYYrypo9uR2g\nS1eif/eNEQD7BRMCZrBRVyqMy2c0STwOH9IN35fyqGyLtlO/Nxv4geA=\n=eg2S\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. 
\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "BID", "id": "50373" }, { "db": "VULHUB", "id": "VHN-51264" }, { "db": "PACKETSTORM", "id": "107626" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" } ], "trust": 3.42 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-51264", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-51264" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-3319", "trust": 4.3 }, { "db": "ZDI", "id": "ZDI-11-341", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2011-002703", "trust": 0.8 }, { "db": "SECUNIA", "id": "46607", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1236", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201110-652", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2011-4515", "trust": 0.6 }, { "db": "CISCO", "id": "20111026 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "18037", "trust": 0.6 }, { "db": "ZDI", "id": "ZDI-11-308", "trust": 0.4 }, { "db": "BID", "id": "50373", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "107626", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "106250", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-51264", "trust": 0.1 }, { "db": "PACKETSTORM", "id": 
"106320", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "VULHUB", "id": "VHN-51264" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "PACKETSTORM", "id": "107626" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "id": "VAR-201110-0449", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "VULHUB", "id": "VHN-51264" } ], "trust": 1.329615372 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-4515" } ] }, "last_update_date": "2023-12-18T13:40:09.185000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20111026-webex", "trust": 1.5, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20111026-webex" }, { "title": "24442", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24442" }, { "title": "cisco-sa-20111026-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1108/1108764_cisco-sa-20111026-webex-j.html" }, { "title": "Patch for Cisco WebEx WRF/ATAS32 File Format Remote Buffer Overflow Vulnerability (CNVD-2011-4515)", "trust": 0.6, "url": 
"https://www.cnvd.org.cn/patchinfo/show/5667" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51264" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "NVD", "id": "CVE-2011-3319" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.6, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20111026-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3319" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-3319" }, { "trust": 0.6, "url": "http://secunia.com/advisories/46607" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/18037" }, { "trust": 0.4, "url": "http://www.webex.com/" }, { "trust": 0.4, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-308/" }, { "trust": 0.3, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-341/" }, { "trust": 0.2, "url": "http://secunia.com/" }, { "trust": 0.2, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3319" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-341" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" }, { "trust": 0.1, "url": 
"https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/46607/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/products/corporate/vim/ovum_2011_request/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/46607/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/publicationlisting" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4004" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "VULHUB", "id": "VHN-51264" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "PACKETSTORM", "id": "107626" }, { "db": 
"PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-11-341" }, { "db": "CNVD", "id": "CNVD-2011-4515" }, { "db": "VULHUB", "id": "VHN-51264" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "db": "PACKETSTORM", "id": "107626" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-3319" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-07T00:00:00", "db": "ZDI", "id": "ZDI-11-341" }, { "date": "2011-10-27T00:00:00", "db": "CNVD", "id": "CNVD-2011-4515" }, { "date": "2011-10-27T00:00:00", "db": "VULHUB", "id": "VHN-51264" }, { "date": "2011-10-26T00:00:00", "db": "BID", "id": "50373" }, { "date": "2011-11-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "date": "2011-12-08T03:59:49", "db": "PACKETSTORM", "id": "107626" }, { "date": "2011-10-28T06:41:05", "db": "PACKETSTORM", "id": "106320" }, { "date": "2011-10-26T18:04:06", "db": "PACKETSTORM", "id": "106250" }, { "date": "2011-10-27T21:55:01.057000", "db": "NVD", "id": "CVE-2011-3319" }, { "date": "1900-01-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-12-07T00:00:00", "db": "ZDI", "id": "ZDI-11-341" }, { "date": "2011-10-27T00:00:00", "db": "CNVD", "id": "CNVD-2011-4515" }, { "date": "2012-04-06T00:00:00", "db": "VULHUB", "id": "VHN-51264" }, { "date": "2011-12-07T22:17:00", "db": "BID", "id": "50373" }, { 
"date": "2011-11-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002703" }, { "date": "2012-04-06T04:00:00", "db": "NVD", "id": "CVE-2011-3319" }, { "date": "2011-10-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-652" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "107626" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "CNNVD", "id": "CNNVD-201110-652" } ], "trust": 0.8 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format (WRF) player of WRF Analysis buffer overflow buffer vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002703" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201110-652" } ], "trust": 0.6 } }
var-200912-0438
Vulnerability from variot
Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2878. atas32.dll in the Cisco WebEx WRF Player contains a heap-based buffer overflow vulnerability. This is a different vulnerability from CVE-2009-2876 and CVE-2009-2878. A third party could use a crafted WebEx Recording Format (WRF) file to cause a denial of service (DoS) or execute arbitrary code. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges (the Cisco advisory reproduced below states instead that code runs with the privileges of the user running the WRF Player application). Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2876 and CVE-2009-2878. ----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are affected. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode). The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3 Access Vector - Network Access Complexity - Medium Authentication - None Confidentiality Impact - Complete Integrity Impact - Complete Availability Impact - Complete
CVSS Temporal Score - 7.7 Exploitability - Functional Remediation Level - Official-Fix Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release so for example, if release 27.10.1 is fixed, then release 27.10.2 will have the fix too.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+ | Revision 1.0 | 2009-December-16 | Initial public release | +------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+-------------------------------------------------------------------- Copyright 2008-2009 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------
Updated: Dec 16, 2009 Document ID: 110946 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh =KaHv -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0438", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2879" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-262" } ], "trust": 0.6 }, "cve": "CVE-2009-2879", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2879", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40325", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2879", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-262", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40325", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40325" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote 
attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2878. Cisco WebEx WRF Player of atas32.dll Contains a heap-based buffer overflow vulnerability. This vulnerability CVE-2009-2876 and CVE-2009-2878 This is a different vulnerability.Expertly crafted by a third party WebEx Recording Format (WRF) Denial of service via file (DoS) Could be state or execute arbitrary code. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2876 and CVE-2009-2878. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. 
\nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. \n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the\nplayer are affected. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. 
\n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. \n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. 
An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. The\nvulnerability cannot be triggered by users attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. \n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. 
\n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. 
By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. 
\n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. 
All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40325" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2879", "trust": 2.9 }, { "db": "BID", "id": "37352", "trust": 2.8 }, { "db": "SECUNIA", "id": "37810", "trust": 2.6 }, { "db": "SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "OSVDB", "id": "61129", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54994", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-002686", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-262", "trust": 0.7 }, { "db": "XF", "id": "54841", "trust": 0.6 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-40325", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40325" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "id": "VAR-200912-0438", "iot": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40325" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.397000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002686" } ] }, "problemtype_data": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40325" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "NVD", "id": "CVE-2009-2879" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.5, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.7, "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "trust": 1.7, "url": "http://www.osvdb.org/61129" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2879" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/54994" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2879" }, { "trust": 0.8, "url": "http://osvdb.org/61129" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." 
}, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40325" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40325" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2879" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40325" }, { "date": "2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002686" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.453000", "db": "NVD", "id": "CVE-2009-2879" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-40325" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002686" 
}, { "date": "2017-08-17T01:30:56.677000", "db": "NVD", "id": "CVE-2009-2879" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-262" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-262" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of atas32.dll Vulnerable to heap-based buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002686" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-262" } ], "trust": 0.6 } }
var-201901-0352
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. Crafted data in an ARF file can trigger a write past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and the other products listed here are Cisco video conferencing solutions. The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201901-0352", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0mr2" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t33.3.5" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 1.0, "vendor": "cisco", "version": "t31" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.3.33" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t33.5.1" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.3.39" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t32.9" }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings online", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33.4", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server mr2 sp2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server mr3 sp1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.40" }, { "model": "webex business suite wbs33.7.0", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs33.6.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.33", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0mr2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, 
{ "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t32.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:t31:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-1639" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "b0nd @garage4hackers", "sources": [ { "db": "ZDI", "id": "ZDI-19-160" } ], "trust": 0.7 }, "cve": "CVE-2019-1639", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, 
"obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2019-1639", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-148531", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-1639", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { 
"attackComplexity": "HIGH", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.0, "id": "CVE-2019-1639", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-1639", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2019-1639", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2019-1639", "trust": 0.7, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201901-853", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-148531", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "VULHUB", "id": "VHN-148531" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" }, { "db": "NVD", "id": "CVE-2019-1639" }, { "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. 
Crafted data in an ARF file can trigger a write past the end of an allocated buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and so on are the video conferencing solutions of Cisco (Cisco). The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server", "sources": [ { "db": "NVD", "id": "CVE-2019-1639" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "BID", "id": "106704" }, { "db": "VULHUB", "id": "VHN-148531" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-1639", "trust": 3.5 }, { "db": "BID", "id": "106704", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2019-001450", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-7045", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-19-160", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201901-853", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-148531", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "VULHUB", "id": "VHN-148531" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" }, { "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "id": "VAR-201901-0352", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-148531" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:28:33.965000Z", 
"patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20190123-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player for Windows Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88934" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-148531" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce" }, { "trust": 2.3, "url": "http://www.securityfocus.com/bid/106704" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1639" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1639" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "VULHUB", "id": "VHN-148531" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" }, { "db": 
"CNNVD", "id": "CNNVD-201901-853" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-19-160" }, { "db": "VULHUB", "id": "VHN-148531" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "db": "NVD", "id": "CVE-2019-1639" }, { "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-29T00:00:00", "db": "ZDI", "id": "ZDI-19-160" }, { "date": "2019-01-23T00:00:00", "db": "VULHUB", "id": "VHN-148531" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106704" }, { "date": "2019-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "date": "2019-01-23T23:29:00.327000", "db": "NVD", "id": "CVE-2019-1639" }, { "date": "2019-01-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-29T00:00:00", "db": "ZDI", "id": "ZDI-19-160" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-148531" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106704" }, { "date": "2019-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001450" }, { "date": "2019-10-09T23:47:34.813000", "db": "NVD", "id": "CVE-2019-1639" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-853" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201901-853" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Cisco Webex Player Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-001450" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201901-853" } ], "trust": 0.6 } }
var-201810-0632
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). When parsing an ARF file, the process does not properly validate a vtable entry before executing it, resulting in stack corruption. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0632", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.4" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.3" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 
0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", 
"scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.4", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15415" } ] }, "credits": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" } ], "trust": 0.7 }, "cve": "CVE-2018-15415", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15415", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": 
"AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15415", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125672", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15415", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15415", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": 
"CVE-2018-15415", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-205", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125672", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "VULHUB", "id": "VHN-125672" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate a vtable entry before executing it, resulting in stack corruption. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125672" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15415", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010829", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6356", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1127", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-205", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125672", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "VULHUB", "id": "VHN-125672" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "id": "VAR-201810-0632", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125672" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.310000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85419" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125672" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15415" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15415" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "VULHUB", "id": "VHN-125672" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1127" }, { "db": "VULHUB", "id": "VHN-125672" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "db": "NVD", "id": "CVE-2018-15415" }, { "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1127" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125672" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "date": "2018-10-05T14:29:10.060000", "db": "NVD", "id": "CVE-2018-15415" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1127" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125672" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010829" }, { "date": "2019-10-09T23:35:34.360000", "db": "NVD", "id": "CVE-2018-15415" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-205" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-205" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010829" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-205" } ], "trust": 0.6 } }
var-201810-0590
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0590", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.30" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "32" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "33" }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, 
"vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 
patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.30", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", 
"vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15420" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" } ], "trust": 0.7 }, "cve": "CVE-2018-15420", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15420", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, 
"obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-15420", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125678", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15420", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": 
"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15420", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15420", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-210", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125678", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "VULHUB", "id": "VHN-125678" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125678" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15420", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010861", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6315", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1125", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-210", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125678", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "VULHUB", "id": "VHN-125678" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "id": "VAR-201810-0590", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125678" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.481000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85424" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125678" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15420" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15420" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "VULHUB", "id": "VHN-125678" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1125" }, { "db": "VULHUB", "id": "VHN-125678" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "db": "NVD", "id": "CVE-2018-15420" }, { "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1125" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125678" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "date": "2018-10-05T14:29:10.637000", "db": "NVD", "id": "CVE-2018-15420" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1125" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125678" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010861" }, { "date": "2019-10-09T23:35:35.127000", "db": "NVD", "id": "CVE-2018-15420" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-210" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-210" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010861" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-210" } ], "trust": 0.6 } }
var-201210-0317
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play WebEx meeting recordings that participants have recorded on their computers.
----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions:
* T28 client builds prior to T28.4 (28.4)
* T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0317", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3940" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3940", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3940", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57221", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3940", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-237", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57221", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57221" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play the WebEx meeting records recorded by participants on their computers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57221" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3940", "trust": 2.8 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "OSVDB", "id": "86139", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005135", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-237", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-57221", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57221" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "id": "VAR-201210-0317", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-57221" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.293000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" }, { "title": "atrecply", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45107" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57221" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "NVD", "id": "CVE-2012-3940" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86139" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3940" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3940" }, { "trust": 0.6, "url": 
"http://secunia.com/advisories/50905" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57221" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-57221" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3940" }, { "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57221" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { 
"date": "2012-10-25T14:55:03.767000", "db": "NVD", "id": "CVE-2012-3940" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57221" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005135" }, { "date": "2013-05-04T03:20:03.860000", "db": "NVD", "id": "CVE-2012-3940" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-237" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-237" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005135" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-237" } ], "trust": 0.6 } }
var-201810-0628
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0628", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.9, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.4" }, { "model": "webex business suite 32", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "32.15.30" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "32.15.30" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, 
"vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { 
"db": "ZDI", "id": "ZDI-18-1126" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "32.15.30", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.4", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15411" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1126" } ], "trust": 0.7 }, "cve": "CVE-2018-15411", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": 
"https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15411", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-15411", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, 
"severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125668", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15411", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15411", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15411", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-202", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125668", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": "VULHUB", "id": "VHN-125668" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, 
"description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125668" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15411", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010555", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6400", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1126", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-202", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125668", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": "VULHUB", "id": "VHN-125668" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "id": "VAR-201810-0628", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125668" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.345000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85416" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.1 }, { "problemtype": "CWE-119", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125668" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15411" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15411" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": 
"VULHUB", "id": "VHN-125668" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1126" }, { "db": "VULHUB", "id": "VHN-125668" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "db": "NVD", "id": "CVE-2018-15411" }, { "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1126" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125668" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "date": "2018-10-05T14:29:09.607000", "db": "NVD", "id": "CVE-2018-15411" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1126" }, { "date": "2020-09-01T00:00:00", "db": "VULHUB", "id": "VHN-125668" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010555" }, { "date": "2020-09-01T12:57:32.397000", "db": "NVD", "id": "CVE-2018-15411" }, { "date": "2020-09-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-202" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": 
"CNNVD-201810-202" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010555" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-202" } ], "trust": 0.6 } }
var-201206-0109
Vulnerability from variot
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977. The Cisco WebEx Recording Format (WRF) player contains a heap-based buffer overflow vulnerability. This issue is tracked as Bug ID CSCtz72977. A third party may be able to execute arbitrary code via a crafted WRF file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF Processing Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49750
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49750
RELEASE DATE: 2012-06-28
DESCRIPTION: Multiple vulnerabilities have been reported in WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
2) An error when processing the JPEG DHT chunk within a WRF file can be exploited to cause a stack-based buffer overflow.
3) An unspecified error when processing WRF files can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * Client builds 28.0.0 (T28 L10N). * Client builds 27.32.1 (T27 LD SP32 CP1) and prior. * Client builds 27.25.10 (T27 LC SP25 EP10) and prior. * Client builds 27.21.10 (T27 LB SP21 EP10) and prior. * Client builds 27.11.26 (T27 L SP11 EP26) and prior.
SOLUTION: Update to a fixed client build (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense and Microsoft Vulnerability Research (MSVR).
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0109", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.32.0" }, { "model": "webex recording format player", "scope": "gte", 
"trust": 1.0, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.21.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.11.0" }, { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.25.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "28.0.1" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.25.10 (t27 lc sp25 ep10)" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.32.1 (t27 ld sp32 cp1)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "client builds 28.0.0 (t28 l10n)" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": 
null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os t27 
sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (ma t27 ld sp32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": 
"webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3054" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iDefense and Microsoft Vulnerability Research (MSVR)", "sources": [ { "db": "BID", "id": "54213" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ], "trust": 0.9 }, "cve": "CVE-2012-3054", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3054", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { 
"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-56335", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3054", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201206-526", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-56335", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-56335" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977. Cisco WebEx Recording Format (WRF) player Contains a heap-based buffer overflow vulnerability. The problem is Bug ID CSCtz72977 It is a problem.Skillfully crafted by a third party WRF An arbitrary code may be executed via the file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. 
Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF Processing Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49750\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49750/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nRELEASE DATE:\n2012-06-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49750/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49750/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in WebEx Recording Format\nPlayer, which can be exploited by malicious people to compromise a\nuser\u0027s system. 
\n\n2) An error when processing the JPEG DHT chunk within a WRF file can\nbe exploited to cause a stack-based buffer overflow. \n\n3) An unspecified error when processing WRF files can be exploited to\ncorrupt memory. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* Client builds 28.0.0 (T28 L10N). \n* Client builds 27.32.1 (T27 LD SP32 CP1) and prior. \n* Client builds 27.25.10 (T27 LC SP25 EP10) and prior. \n* Client builds 27.21.10 (T27 LB SP21 EP10) and prior. \n* Client builds 27.11.26 (T27 L SP11 EP26) and prior. \n\nSOLUTION:\nUpdate to a fixed client build (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDefense and Microsoft Vulnerability Research\n(MSVR). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "BID", "id": "54213" }, { "db": "VULHUB", "id": "VHN-56335" }, { "db": "PACKETSTORM", "id": "114290" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3054", "trust": 2.8 }, { "db": "BID", "id": "54213", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2012-002942", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201206-526", "trust": 0.7 }, { "db": "SECUNIA", "id": "49750", "trust": 0.7 }, { "db": "CISCO", "id": "20120627 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19900", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-56335", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114290", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56335" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "id": 
"VAR-201206-0109", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-56335" } ], "trust": 0.7296153719999999 }, "last_update_date": "2023-12-18T12:10:04.652000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "title": "26206", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26206" }, { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115508_cisco-sa-20120627-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002942" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56335" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "NVD", "id": "CVE-2012-3054" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3054" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3054" }, { 
"trust": 0.6, "url": "http://secunia.com/advisories/49750" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/54213" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19900" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56335" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-56335" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3054" }, { "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-06-29T00:00:00", "db": "VULHUB", "id": "VHN-56335" }, { "date": "2012-06-27T00:00:00", "db": "BID", "id": 
"54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "date": "2012-06-28T06:12:23", "db": "PACKETSTORM", "id": "114290" }, { "date": "2012-06-29T14:55:01.063000", "db": "NVD", "id": "CVE-2012-3054" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-03T00:00:00", "db": "VULHUB", "id": "VHN-56335" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002942" }, { "date": "2018-12-03T13:49:50.237000", "db": "NVD", "id": "CVE-2012-3054" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-526" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-526" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format player Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002942" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-526" } ], "trust": 0.6 } }
var-200912-0441
Vulnerability from variot
Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2878 and CVE-2009-2879. atas32.dll in the Cisco WebEx WRF Player contains a heap-based buffer overflow vulnerability. This vulnerability is different from CVE-2009-2878 and CVE-2009-2879. A third party could use a crafted WebEx Recording Format (WRF) file to cause a denial of service (DoS) or execute arbitrary code. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges (the Cisco advisory reproduced below scopes this to the privileges of the user running the WRF Player application). Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2878 and CVE-2009-2879. ----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are affected. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode). The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3
    Access Vector          - Network
    Access Complexity      - Medium
    Authentication         - None
    Confidentiality Impact - Complete
    Integrity Impact       - Complete
    Availability Impact    - Complete

CVSS Temporal Score - 7.7
    Exploitability    - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release so for example, if release 27.10.1 is fixed, then release 27.10.2 will have the fix too.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+ | Revision 1.0 | 2009-December-16 | Initial public release | +------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+-------------------------------------------------------------------- Copyright 2008-2009 Cisco Systems, Inc. All rights reserved. +--------------------------------------------------------------------
Updated: Dec 16, 2009 Document ID: 110946 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh =KaHv -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0441", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2876" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-259" } ], "trust": 0.6 }, "cve": "CVE-2009-2876", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2876", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40322", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2876", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-259", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40322", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40322" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote 
attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2878 and CVE-2009-2879. Cisco WebEx WRF Player of atas32.dll Contains a heap-based buffer overflow vulnerability. This vulnerability CVE-2009-2878 and CVE-2009-2879 Is a different vulnerability.Skillfully crafted by a third party WebEx Recording Format (WRF) Service disruption via file (DoS) Could be put into a state or execute arbitrary code. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2878 and CVE-2009-2879. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. 
\nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. \n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the\nplayer are affected. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. 
\n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. \n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. 
An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. The\nvulnerability cannot be triggered by users attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. \n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. 
\n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. 
By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. 
\n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. 
All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40322" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2876", "trust": 2.9 }, { "db": "BID", "id": "37352", "trust": 2.8 }, { "db": "SECUNIA", "id": "37810", "trust": 2.6 }, { "db": "SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "OSVDB", "id": "61126", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54991", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-002682", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-259", "trust": 0.7 }, { "db": "XF", "id": "54841", "trust": 0.6 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-40322", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40322" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "id": "VAR-200912-0441", "iot": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40322" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.522000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002682" } ] }, "problemtype_data": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40322" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "NVD", "id": "CVE-2009-2876" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.5, "url": "http://www.osvdb.org/61126" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.5, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.7, "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2876" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/54991" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2876" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." 
}, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40322" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40322" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2876" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40322" }, { "date": "2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002682" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.343000", "db": "NVD", "id": "CVE-2009-2876" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-40322" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002682" 
}, { "date": "2017-08-17T01:30:56.460000", "db": "NVD", "id": "CVE-2009-2876" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-259" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-259" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of atas32.dll Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002682" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-259" } ], "trust": 0.6 } }
var-201810-0633
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0633", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 
0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 
wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15416" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of the Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" } ], "trust": 0.7 }, "cve": "CVE-2018-15416", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15416", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125673", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15416", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15416", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15416", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201810-206", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125673", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "VULHUB", "id": "VHN-125673" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A 
vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125673" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15416", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010828", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6317", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1123", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-206", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125673", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "VULHUB", "id": "VHN-125673" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "id": "VAR-201810-0633", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125673" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.378000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85420" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125673" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15416" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15416" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "VULHUB", "id": "VHN-125673" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1123" }, { "db": "VULHUB", "id": "VHN-125673" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "db": "NVD", "id": "CVE-2018-15416" }, { "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1123" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125673" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "date": "2018-10-05T14:29:10.187000", "db": "NVD", "id": "CVE-2018-15416" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1123" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125673" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010828" }, { "date": "2019-10-09T23:35:34.500000", "db": "NVD", "id": "CVE-2018-15416" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-206" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-206" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010828" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-206" } ], "trust": 0.6 } }
var-201102-0310
Vulnerability from variot
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com
If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3. Customers who have contractual agreements that prevent WebEx from automatically upgrading a recording player to the latest version should contact their account manager to determine upgrade options.
To determine whether a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html
Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF and ARF file formats are used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players are applications that are used to play back and edit recording files (files with .wrf and .arf extensions). The recording players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server (for stream playback mode). The recording players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
To exploit one of these vulnerabilities, the player application would need to open a malicious WRF or ARF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page. The vulnerability cannot be triggered by users who are attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2010-3269
- CVE-2010-3041
- CVE-2010-3042
- CVE-2010-3043
- CVE-2010-3044
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3; Access Vector - Network; Access Complexity - Medium; Authentication - None; Confidentiality Impact - Complete; Integrity Impact - Complete; Availability Impact - Complete
CVSS Temporal Score - 7.7; Exploitability - Functional; Remediation Level - Official-Fix; Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. For customers who are running T27LC SP22, the client build will be represented as 27.22SP.0.9253. The fix for customers who are running T27LB SP21 will be deployed by WebEx over the next few weeks. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release 27.22SP.0 is fixed, release 27.22SP.1 will also have the software fix.
If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.
If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
These vulnerabilities were either found during internal testing or reported to Cisco by a variety of sources, including Core Security, TippingPoint, and Fortinet's FortiGuard Labs.
Cisco would like to thank these organizations for reporting these vulnerabilities.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
Revision 1.0 | 2011-Feb-01 | Initial public release.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E M8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS =Ur/Y -----END PGP SIGNATURE-----
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0310", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex recording 
format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex 27lc sp22", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": 
"26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os 27lc sp22", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3044" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico MuttisTippingPoint \u003chttp://www.tippingpoint.com/\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-031" } ], "trust": 0.6 }, "cve": "CVE-2010-3044", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", 
"availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3044", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-45649", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3044", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-031", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-45649", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45649" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple buffer 
overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on the computer of\nan on-line meeting attendee. The players can be automatically\ninstalled when the user accesses a recording file that is hosted on a\nWebEx server. The player can also be manually installed for offline\nplayback after downloading the application from www.webex.com\n\nIf the WebEx recording player was automatically installed, it will be\nautomatically upgraded to the latest, non-vulnerable version when\nusers access a recording file that is hosted on a WebEx server. If\nthe WebEx recording player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nrecording players. Microsoft Windows, Apple Mac OS X, and Linux\nversions of the player are all affected. Affected versions of the\nplayers are those prior to client builds T27LC SP22 and T27LB SP21\nEP3. 
Customers who have contractual agreements that prevent WebEx\nfrom automatically upgrading a recording player to the latest version\nshould contact their account manager to determine upgrade options. \n\nTo determine whether a Cisco WebEx server is running an affected\nversion of the WebEx client build, users can log in to their Cisco\nWebEx server and go to the Support \u003e Downloads section. The version\nof the WebEx client build will be displayed on the right side of the\npage under \"About Support Center.\" See \"Software Versions and Fixes\"\nfor details. \n\nCisco recommends that users upgrade to the most current version of\nthe player that is available from www.webex.com/downloadplayer.html\n\n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF and\nARF file formats are used to store WebEx meeting recordings that have\nbeen recorded on the computer of an on-line meeting attendee. The\nplayers are applications that are used to play back and edit\nrecording files (files with .wrf and .arf extensions). The recording\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx server (for stream playback\nmode). The recording players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html\nto play back recording files locally (for offline\nplayback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF and ARF\nplayers. The vulnerabilities may lead to a crash of the player\napplication or, in some cases, remote code execution could occur. \n\nTo exploit one of these vulnerabilities, the player application would\nneed to open a malicious WRF or ARF file. 
An attacker may be able to\naccomplish this exploit by providing the malicious recording file\ndirectly to users (for example, by using e-mail) or by directing a\nuser to a malicious web page. The vulnerability cannot be triggered\nby users who are attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2010-3269\n * CVE-2010-3041\n * CVE-2010-3042\n * CVE-2010-3043\n * CVE-2010-3044\n\nVulnerability Scoring Details\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss \n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx ARF Player or WRF\nPlayer application and, in some cases, allow a remote attacker to\nexecute arbitrary code on the system with the privileges of the user\nwho is running the recording player application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult http://www.cisco.com/go/psirt\nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nThese vulnerabilities are first fixed in T27LC SP22 and T27LB SP21\nEP3. For customers who are running T27LC SP22, the client build will\nbe represented as 27.22SP.0.9253. The fix for customers who are\nrunning T27LB SP21 will be deployed by WebEx over the next few weeks. \nThe client build will be determined after the software is deployed. \n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. For example, if release 27.22SP.0 is fixed,\nrelease 27.22SP.1 will also have the software fix. 
\n\nIf a recording player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx server. \n\nIf a WebEx recording player was manually installed, users will need\nto manually install a new version of the player after downloading the\nlatest version from www.webex.com/downloadplayer.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. \n\nThese vulnerabilities were either found during internal testing or\nreported to Cisco by a variety of sources, including Core Security,\nTippingPoint, and Fortinet\u0027s FortiGuard Labs. \n\nCisco would like to thank these organizations for reporting these\nvulnerabilities. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at :\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-01 | public |\n| | | release. 
|\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at \nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\n\niF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E\nM8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS\n=Ur/Y\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "BID", "id": "46075" }, { "db": "VULHUB", "id": "VHN-45649" }, { "db": "PACKETSTORM", "id": "98073" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3044", "trust": 2.9 }, { "db": "BID", "id": "46075", "trust": 2.0 }, { "db": "SECTRACK", "id": "1025016", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003860", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-031", "trust": 0.7 }, { "db": "CISCO", "id": "20110201 MULTIPLE CISCO WEBEX PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "XF", "id": "65075", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16391", "trust": 0.6 }, { "db": "VULHUB", "id": 
"VHN-45649", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98073", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45649" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "id": "VAR-201102-0310", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-45649" } ], "trust": 0.7453525499999999 }, "last_update_date": "2023-12-18T12:58:25.481000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1103/1103539_cisco-sa-20110201-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003860" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45649" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "NVD", "id": "CVE-2010-3044" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46075" }, { 
"trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22016" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2011-03.html" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025016" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3044" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3044" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/65075" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16391" }, { "trust": 0.4, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml" }, { "trust": 0.3, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3043" }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3041" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3042" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." 
}, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45649" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-45649" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3044" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45649" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "date": "2011-02-02T02:55:23", "db": "PACKETSTORM", "id": "98073" }, { "date": "2011-02-02T23:00:31.393000", "db": "NVD", "id": "CVE-2010-3044" }, { "date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-031" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-45649" }, { "date": "2011-02-01T16:20:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003860" }, { "date": "2017-08-17T01:32:54.227000", "db": "NVD", "id": "CVE-2010-3044" }, { "date": "2011-07-06T00:00:00", "db": "CNNVD", "id": 
"CNNVD-201102-031" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98073" }, { "db": "CNNVD", "id": "CNNVD-201102-031" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WRF and ARF Player T27LB Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003860" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-031" } ], "trust": 0.6 } }
var-201810-0300
Vulnerability from variot
A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user's own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur. Cisco Webex Meetings for Windows contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privileges on vulnerable installations of Cisco WebEx Network Recording Player. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists in the access control that the product installer sets on the product's binaries. This allows any local user to replace the product's binaries with malicious replacements. An attacker can leverage this vulnerability to escalate privileges to the level of some other user of the system, such as an administrator. Cisco Webex Meetings Client is prone to a local privilege-escalation vulnerability.
This issue is being tracked by Cisco bug IDs CSCvh89155, CSCvh89157 and CSCvh89158. Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions from Cisco. Webex Meetings client for Windows is Windows-based video conferencing client software. The following products are affected: Cisco Webex Meetings Suite (WBS31); Cisco Webex Meetings Suite (WBS32); Cisco Webex Meetings Suite (WBS33); Cisco Webex Meetings; Cisco Webex Meetings Server
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0300", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t31.20" }, { "model": "webex business suite 32", "scope": "lt", 
"trust": 1.0, "vendor": "cisco", "version": "32.15.20" }, { "model": "webex business suite 31", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "*" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t31.20.2" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.4" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings server", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings suite", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "0" }, { "model": "webex business suite 31", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex business suite 32", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online t31.20.2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online t31.20", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "BID", "id": "105281" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { 
"@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:mr1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "3.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.20", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.4", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": 
[ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" }, { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_31:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0422" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Simon Zuckerbraun of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-998" } ], "trust": 0.7 }, "cve": "CVE-2018-0422", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Local", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.9, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-0422", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, 
"obtainUserPrivilege": null, "severity": "Medium", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.4, "id": "VHN-118624", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:L/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.3, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.3, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-0422", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { 
"author": "NVD", "id": "CVE-2018-0422", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-0422", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201809-255", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-118624", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "VULHUB", "id": "VHN-118624" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the folder permissions of Cisco Webex Meetings client for Windows could allow an authenticated, local attacker to modify locally stored files and execute code on a targeted device with the privilege level of the user. The vulnerability is due to folder permissions that grant a user the permission to read, write, and execute files in the Webex folders. An attacker could exploit this vulnerability to write malicious files to the Webex client directory, affecting all other users of the targeted device. A successful exploit could allow a user to execute commands with elevated privileges. Attacks on single-user systems are less likely to occur, as the attack must be carried out by the user on the user\u0027s own system. Multiuser systems have a higher risk of exploitation because folder permissions have an impact on all users of the device. For an attacker to exploit this vulnerability successfully, a second user must execute the locally installed malicious file to allow remote code execution to occur. 
Cisco Webex Meetings for Windows contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). This vulnerability allows local attackers to escalate privileges on vulnerable installations of Cisco WebEx Network Recording Player. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists in the access control that the product installer sets on the product\u0027s binaries. This allows any local user to replace the product\u0027s binaries with malicious replacements. An attacker can leverage this vulnerability to escalate privileges to the level of some other user of the system, such as an administrator. Cisco Webex Meetings Client is prone to a local privilege-escalation vulnerability. \nThis issue is being tracked by Cisco bug IDs CSCvh89155, CSCvh89157 and CSCvh89158. Cisco Webex Meetings Suite and related products are multi-functional video conferencing solutions from Cisco. Webex Meetings client for Windows is a Windows-based video conferencing client. 
The following products are affected: Cisco Webex Meetings Suite (WBS31); Cisco Webex Meetings Suite (WBS32); Cisco Webex Meetings Suite (WBS33); Cisco Webex Meetings; Cisco Webex Meetings Server", "sources": [ { "db": "NVD", "id": "CVE-2018-0422" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "BID", "id": "105281" }, { "db": "VULHUB", "id": "VHN-118624" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0422", "trust": 3.5 }, { "db": "BID", "id": "105281", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041681", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-014367", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5623", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-998", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201809-255", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118624", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "VULHUB", "id": "VHN-118624" }, { "db": "BID", "id": "105281" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "id": "VAR-201810-0300", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118624" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:33:41.748000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180905-webex-pe", "trust": 1.5, "url": 
"https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180905-webex-pe" }, { "title": "Cisco Webex Meetings client for Windows Fixes for permission permissions and access control vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=84586" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-732", "trust": 1.1 }, { "problemtype": "CWE-264", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118624" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180905-webex-pe" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105281" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041681" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0422" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0422" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-998" }, { "db": "VULHUB", "id": "VHN-118624" }, { "db": "BID", "id": "105281" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { 
"db": "ZDI", "id": "ZDI-18-998" }, { "db": "VULHUB", "id": "VHN-118624" }, { "db": "BID", "id": "105281" }, { "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "db": "NVD", "id": "CVE-2018-0422" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-06T00:00:00", "db": "ZDI", "id": "ZDI-18-998" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-118624" }, { "date": "2018-09-05T00:00:00", "db": "BID", "id": "105281" }, { "date": "2019-03-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "date": "2018-10-05T14:29:00.730000", "db": "NVD", "id": "CVE-2018-0422" }, { "date": "2018-09-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-06T00:00:00", "db": "ZDI", "id": "ZDI-18-998" }, { "date": "2019-10-03T00:00:00", "db": "VULHUB", "id": "VHN-118624" }, { "date": "2018-09-05T00:00:00", "db": "BID", "id": "105281" }, { "date": "2019-03-19T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-014367" }, { "date": "2019-10-03T00:03:26.223000", "db": "NVD", "id": "CVE-2018-0422" }, { "date": "2019-10-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-255" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "105281" }, { "db": "CNNVD", "id": "CNNVD-201809-255" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows for Cisco Webex Meetings Vulnerabilities related to 
authorization, permissions, and access control", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-014367" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-255" } ], "trust": 0.6 } }
var-201901-0364
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. Crafted data in an ARF file can trigger a write past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and related products are video conferencing solutions from Cisco. The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201901-0364", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0mr2" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t33.3.5" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 1.0, "vendor": "cisco", "version": "t31" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.3.33" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t33.5.1" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "1.3.39" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t32.9" }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings online", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33.4", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server mr2 sp2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server mr3 sp1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.40" }, { "model": "webex business suite wbs33.7.0", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs33.6.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.33", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0mr2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.5.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, 
{ "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t32.9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:t31:sp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.33:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t33.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-1638" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "b0nd @garage4hackers", "sources": [ { "db": "ZDI", "id": "ZDI-19-128" } ], "trust": 0.7 }, "cve": "CVE-2019-1638", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, 
"obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2019-1638", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-148520", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2019-1638", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { 
"attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2019-1638", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-1638", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2019-1638", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2019-1638", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201901-852", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-148520", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "VULHUB", "id": "VHN-148520" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" }, { "db": "NVD", "id": "CVE-2019-1638" }, { "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or email attachment and persuading the user to open the file with the affected software. Successful exploitation could allow the attacker to execute arbitrary code on the affected system. 
Crafted data in an ARF file can trigger a write past the end of an allocated buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvm65148, CSCvm65207, CSCvm65741, CSCvm65747, CSCvm65794, CSCvm65798, CSCvm86137, CSCvm86143, CSCvm86148, CSCvm86157, CSCvm86160, and CSCvm86165. Cisco Webex Business Suite WBS32 sites and so on are the video conferencing solutions of Cisco (Cisco). The following products are affected: Cisco Webex Business Suite WBS32 sites; Webex Business Suite WBS33 sites; Webex Meetings Online; Webex Meetings Server", "sources": [ { "db": "NVD", "id": "CVE-2019-1638" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "BID", "id": "106704" }, { "db": "VULHUB", "id": "VHN-148520" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-1638", "trust": 3.5 }, { "db": "BID", "id": "106704", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2019-001449", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-7043", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-19-128", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201901-852", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-148520", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "VULHUB", "id": "VHN-148520" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" }, { "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "id": "VAR-201901-0364", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-148520" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:28:33.841000Z", 
"patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20190123-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player for Windows Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88933" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-148520" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-rce" }, { "trust": 2.3, "url": "http://www.securityfocus.com/bid/106704" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1638" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1638" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "VULHUB", "id": "VHN-148520" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" }, { "db": 
"CNNVD", "id": "CNNVD-201901-852" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-19-128" }, { "db": "VULHUB", "id": "VHN-148520" }, { "db": "BID", "id": "106704" }, { "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "db": "NVD", "id": "CVE-2019-1638" }, { "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-25T00:00:00", "db": "ZDI", "id": "ZDI-19-128" }, { "date": "2019-01-23T00:00:00", "db": "VULHUB", "id": "VHN-148520" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106704" }, { "date": "2019-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "date": "2019-01-23T23:29:00.277000", "db": "NVD", "id": "CVE-2019-1638" }, { "date": "2019-01-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-25T00:00:00", "db": "ZDI", "id": "ZDI-19-128" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-148520" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106704" }, { "date": "2019-03-06T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001449" }, { "date": "2019-10-09T23:47:34.657000", "db": "NVD", "id": "CVE-2019-1638" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-852" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201901-852" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Cisco Webex Player Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-001449" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201901-852" } ], "trust": 0.6 } }
var-201810-0592
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. These issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. Cisco Webex Meetings Suite and related products are multi-functional video conferencing solutions from Cisco.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0592", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "32" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "33" }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings suite", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "0" }, { "model": "webex meetings suite wbs33.3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings suite wbs32.15.10", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], 
"vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15422" 
} ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" } ], "trust": 0.7 }, "cve": "CVE-2018-15422", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15422", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": 
null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15422", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125680", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15422", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15422", "trust": 1.8, "value": "HIGH" }, { 
"author": "ZDI", "id": "CVE-2018-15422", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201809-994", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125680", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "VULHUB", "id": "VHN-125680" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. 
Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions of Cisco (Cisco)", "sources": [ { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "BID", "id": "105374" }, { "db": "VULHUB", "id": "VHN-125680" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15422", "trust": 3.5 }, { "db": "BID", "id": "105374", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041689", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010862", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6205", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1079", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201809-994", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125680", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "VULHUB", "id": "VHN-125680" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "id": "VAR-201810-0592", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125680" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:18:26.397000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180919-webex", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, 
{ "title": "Cisco Webex Network Recording Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85101" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125680" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105374" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041689" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15422" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15422" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.3, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex " } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1079" }, { "db": "VULHUB", "id": "VHN-125680" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": 
"ZDI-18-1079" }, { "db": "VULHUB", "id": "VHN-125680" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "db": "NVD", "id": "CVE-2018-15422" }, { "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1079" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125680" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "date": "2018-10-05T14:29:10.857000", "db": "NVD", "id": "CVE-2018-15422" }, { "date": "2018-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1079" }, { "date": "2020-09-16T00:00:00", "db": "VULHUB", "id": "VHN-125680" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010862" }, { "date": "2020-09-16T14:15:24.220000", "db": "NVD", "id": "CVE-2018-15422" }, { "date": "2020-10-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-994" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-994" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", 
"id": "JVNDB-2018-010862" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-994" } ], "trust": 0.6 } }
var-201801-1054
Vulnerability from variot
A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to execute arbitrary code on the system of a user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Here "local" describes where the code runs rather than how the file arrives: delivery is remote, but the flaw triggers only when the user opens the file, and this record's CVSS v3 vectors accordingly list AV:L with UI:R. Successful exploitation could allow the attacker to execute arbitrary code on the user's system. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCvg78835, CSCvg78837, CSCvg78839. The vendor has published this vulnerability as Bug IDs CSCvg78835, CSCvg78837, and CSCvg78839. Information may be obtained or altered, and service operation may be disrupted (DoS). Crafted data in an ARF file can trigger an overflow of a heap-based buffer. Attackers can exploit this issue to cause a denial-of-service condition. WebEx ARF player is one of the media players mainly used to play WebEx recording files in ARF format.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201801-1054", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings t31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t30", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings t32.9", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t32", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings t31.20.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "BID", "id": "102369" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": 
[], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_network_recording_player:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:-:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0103" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Offensive Security", "sources": [ { "db": "ZDI", "id": "ZDI-18-007" } ], "trust": 0.7 }, "cve": "CVE-2018-0103", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": 
true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Local", "authentication": "Single", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.6, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-0103", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-0103", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-118305", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { 
"attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.3, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-0103", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "Low", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0103", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-0103", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201801-206", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-118305", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "VULHUB", "id": "VHN-118305" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to execute arbitrary code on the system of a user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Successful exploitation could allow the attacker to execute arbitrary code on the user\u0027s system. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCvg78835, CSCvg78837, CSCvg78839. 
Vendors have confirmed this vulnerability Bug ID CSCvg78835 , CSCvg78837 ,and CSCvg78839 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Crafted data in an ARF file can trigger an overflow of a heap-based buffer. \nAttackers can exploit this issue to cause a denial-of-service condition. WebEx ARF player is one of the media players mainly used to play WebEx recording files in ARF format", "sources": [ { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "BID", "id": "102369" }, { "db": "VULHUB", "id": "VHN-118305" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0103", "trust": 3.5 }, { "db": "BID", "id": "102369", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2018-001271", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-4913", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-007", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201801-206", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118305", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "VULHUB", "id": "VHN-118305" }, { "db": "BID", "id": "102369" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "id": "VAR-201801-1054", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118305" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:57:05.022000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180103-wnrp", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180103-wnrp" }, { "title": "Multiple Cisco product WebEx ARF player Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=77521" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118305" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180103-wnrp" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/102369" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0103" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0103" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "VULHUB", "id": "VHN-118305" }, { "db": "BID", "id": "102369" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "sources": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-007" }, { "db": "VULHUB", "id": "VHN-118305" }, { "db": "BID", "id": "102369" }, { "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "db": "NVD", "id": "CVE-2018-0103" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-03T00:00:00", "db": "ZDI", "id": "ZDI-18-007" }, { "date": "2018-01-04T00:00:00", "db": "VULHUB", "id": "VHN-118305" }, { "date": "2018-01-03T00:00:00", "db": "BID", "id": "102369" }, { "date": "2018-02-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "date": "2018-01-04T06:29:00.340000", "db": "NVD", "id": "CVE-2018-0103" }, { "date": "2018-01-05T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-01-03T00:00:00", "db": "ZDI", "id": "ZDI-18-007" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118305" }, { "date": "2018-01-03T00:00:00", "db": "BID", "id": "102369" }, { "date": "2018-02-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-001271" }, { "date": "2019-10-09T23:31:14.347000", "db": "NVD", "id": "CVE-2018-0103" }, { "date": "2019-08-14T00:00:00", "db": "CNNVD", "id": "CNNVD-201801-206" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "102369" }, { "db": "CNNVD", "id": "CNNVD-201801-206" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Network Recording Player Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-001271" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201801-206" } ], "trust": 0.6 } }
var-200912-0442
Vulnerability from variot
Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. Note that the Cisco advisory reproduced below limits code execution to the privileges of the user running the WRF Player application and requires that a malicious WRF file be opened by the player.
----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3
  Access Vector - Network
  Access Complexity - Medium
  Authentication - None
  Confidentiality Impact - Complete
  Integrity Impact - Complete
  Availability Impact - Complete

CVSS Temporal Score - 7.7
  Exploitability - Functional
  Remediation Level - Official-Fix
  Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release so for example, if release 27.10.1 is fixed, then release 27.10.2 will have the fix too.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+
| Revision 1.0 | 2009-December-16 | Initial public release   |
+------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2009 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Dec 16, 2009 Document ID: 110946
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs
IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh
=KaHv
-----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0442", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2877" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-260" } ], "trust": 0.6 }, "cve": "CVE-2009-2877", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2877", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40323", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2877", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-260", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40323", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2009-2877", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40323" }, { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x 
before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. \n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. \n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. 
The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. \n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF Player. The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. 
The\nvulnerability cannot be triggered by users attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. 
\n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. \n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. 
\n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. 
\n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40323" }, { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.25 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2877", "trust": 3.0 }, { "db": "BID", "id": "37352", "trust": 2.9 }, { "db": "SECUNIA", "id": "37810", "trust": 2.7 }, { "db": "OSVDB", "id": "61127", "trust": 2.6 }, { "db": 
"SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54992", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-002684", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-260", "trust": 0.7 }, { "db": "XF", "id": "54841", "trust": 0.6 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-40323", "trust": 0.1 }, { "db": "VUPEN", "id": "2009/3574", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2009-2877", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40323" }, { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "id": "VAR-200912-0442", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40323" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.437000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "Cisco: Multiple Cisco WebEx WRF Player Vulnerabilities", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20091216-webex" } ], "sources": [ { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40323" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "NVD", "id": "CVE-2009-2877" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, 
"data": [ { "trust": 2.7, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.6, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.6, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.8, "url": "http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.8, "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "trust": 1.8, "url": "http://www.osvdb.org/61127" }, { "trust": 1.8, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.2, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2877" }, { "trust": 
0.8, "url": "http://xforce.iss.net/xforce/xfdb/54992" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2877" }, { "trust": 0.8, "url": "http://osvdb.org/61127" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20091216-webex" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, 
"url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." 
}, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40323" }, { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40323" }, { "db": "VULMON", "id": "CVE-2009-2877" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2877" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40323" }, { "date": "2009-12-18T00:00:00", "db": "VULMON", "id": "CVE-2009-2877" }, { "date": "2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.390000", "db": "NVD", "id": "CVE-2009-2877" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": 
"VULHUB", "id": "VHN-40323" }, { "date": "2017-08-17T00:00:00", "db": "VULMON", "id": "CVE-2009-2877" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002684" }, { "date": "2017-08-17T01:30:56.523000", "db": "NVD", "id": "CVE-2009-2877" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-260" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-260" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of ataudio.dll Vulnerable to stack-based buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002684" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-260" } ], "trust": 0.6 } }
var-201810-0587
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0587", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.4" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.30" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.3" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 
0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 
patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.30", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.4", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": 
[ { "db": "NVD", "id": "CVE-2018-15417" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" } ], "trust": 0.7 }, "cve": "CVE-2018-15417", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15417", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, 
"severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-15417", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125674", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15417", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", 
"id": "CVE-2018-15417", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15417", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-207", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125674", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "VULHUB", "id": "VHN-125674" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125674" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15417", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010823", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6798", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1128", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-207", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125674", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "VULHUB", "id": "VHN-125674" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "id": "VAR-201810-0587", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125674" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.671000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85421" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125674" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15417" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15417" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "VULHUB", "id": "VHN-125674" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1128" }, { "db": "VULHUB", "id": "VHN-125674" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "db": "NVD", "id": "CVE-2018-15417" }, { "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1128" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125674" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "date": "2018-10-05T14:29:10.293000", "db": "NVD", "id": "CVE-2018-15417" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1128" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125674" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010823" }, { "date": "2019-10-09T23:35:34.673000", "db": "NVD", "id": "CVE-2018-15417" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-207" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-207" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010823" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-207" } ], "trust": 0.6 } }
var-201806-1040
Vulnerability from variot
A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi71274. Cisco WebEx contains a cross-site scripting vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCvi71274. Information may be obtained and altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201806-1040", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "1.3.5" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online webex11-v1.3.5", "scope": null, "trust": 
0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "104420" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:1.3.5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0357" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Daniel Diez Tainta", "sources": [ { "db": "BID", "id": "104420" } ], "trust": 0.3 }, "cve": "CVE-2018-0357", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, 
"confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-0357", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-118559", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-0357", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": 
"None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0357", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201806-360", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-118559", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-118559" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user\u0027s browser in the context of an affected site. Cisco Bug IDs: CSCvi71274. Cisco WebEx Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability Bug IDs: CSCvi71274 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. 
WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)", "sources": [ { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "BID", "id": "104420" }, { "db": "VULHUB", "id": "VHN-118559" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0357", "trust": 2.8 }, { "db": "BID", "id": "104420", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041063", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-006153", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201806-360", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118559", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118559" }, { "db": "BID", "id": "104420" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "id": "VAR-201806-1040", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118559" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:08:25.226000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180606-webex-xss1", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-webex-xss1" }, { "title": "Cisco WebEx Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80715" } ], "sources": [ { 
"db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118559" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-webex-xss1" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/104420" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041063" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0357" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0357" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-118559" }, { "db": "BID", "id": "104420" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-118559" }, { "db": "BID", "id": "104420" }, { "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "db": "NVD", "id": "CVE-2018-0357" }, { "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-06-07T00:00:00", "db": "VULHUB", "id": "VHN-118559" }, { "date": 
"2018-06-06T00:00:00", "db": "BID", "id": "104420" }, { "date": "2018-08-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "date": "2018-06-07T21:29:00.917000", "db": "NVD", "id": "CVE-2018-0357" }, { "date": "2018-06-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118559" }, { "date": "2018-06-06T00:00:00", "db": "BID", "id": "104420" }, { "date": "2018-08-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006153" }, { "date": "2019-10-09T23:31:51.990000", "db": "NVD", "id": "CVE-2018-0357" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-360" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-360" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Vulnerable to cross-site scripting", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-006153" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-360" } ], "trust": 0.6 } }
var-201702-0790
Vulnerability from variot
An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programming interface (API) response parser within the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. Cisco WebEx is an online conferencing system. In online meetings using WebEx, participants typically join the meeting through a link on a web page. Following the link starts the WebEx software through the web browser extension. A CWE-78 (OS command injection) weakness exists. This issue is being tracked by Cisco Bug IDs CSCvc86959 and CSCvc88194. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx extensions and plugins have security vulnerabilities.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201702-0790", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.5_mr3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.5_mr2" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "2.5_mr6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.5_mr5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.5_mr4" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5_mr1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr7" }, { "model": "download manager", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.1.0.9" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr3" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr2" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_mr1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_mr2" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_mr2" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_mr1" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t30_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr2" }, { 
"model": "webex", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "1.0.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_base" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_base" }, { "model": "activetouch general plugin container", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "105" }, { "model": "gpccontainer class", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "10031.6.2017.0125" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr1" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr4" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t29_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr3" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "t31_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7_base" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.0_mr9" }, { "model": "webex meeting center", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr2" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6_mr1" }, { "model": null, "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "activetouch general plugin container", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "106 earlier (firefox)" }, { "model": "webex", "scope": "lt", "trust": 0.8, 
"vendor": "cisco", "version": "extension 1.0.7 earlier (chrome)" }, { "model": "download manager", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "activex control 2.1.0.10 earlier (internet explorer)" }, { "model": "gpccontainer class activex control", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "10031.6.2017.0127 earlier (internet explorer)" }, { "model": "activetouch general plugin container", "scope": "eq", "trust": 0.3, "vendor": "mozilla", "version": "0" }, { "model": "webex internet explorer gpccontainer activex", "scope": "eq", "trust": 0.3, "vendor": "microsoft", "version": "0" }, { "model": "webex extension for chrome", "scope": "eq", "trust": 0.3, "vendor": "google", "version": "0" }, { "model": "webex extension", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0.5" }, { "model": "webex extension", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0.3" }, { "model": "webex extension", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0.2" }, { "model": "activetouch general plugin container", "scope": "ne", "trust": 0.3, "vendor": "mozilla", "version": "106" }, { "model": "webex internet explorer gpccontainer activex", "scope": "ne", "trust": 0.3, "vendor": "microsoft", "version": "10031.6.2017.0127" }, { "model": "webex extension for chrome", "scope": "ne", "trust": 0.3, "vendor": "google", "version": "1.0.7" } ], "sources": [ { "db": "CERT/CC", "id": "VU#909240" }, { "db": "BID", "id": "95737" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": 
"cpe:2.3:a:cisco:activetouch_general_plugin_container:105:*:*:*:*:firefox:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:*:*:*:*:*:chrome:*:*", "cpe_name": [], "versionEndIncluding": "1.0.6", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:download_manager:2.1.0.9:*:*:*:*:internet_explorer:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:gpccontainer_class:*:*:*:*:*:internet_explorer:*:*", "cpe_name": [], "versionEndIncluding": "10031.6.2017.0125", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr8:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:t31_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.7_mr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.7_mr1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr1:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.7_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:t29_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:t30_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { 
"cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr3:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.7_base:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr2:p1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-3823" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability was reported to Cisco by Tavis Ormandy of Google.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-072" } ], "trust": 0.6 }, "cve": "CVE-2017-3823", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", 
"trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2017-3823", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "availabilityRequirement": "NOT DEFINED", "baseScore": 7.5, "collateralDamagePotential": "NOT DEFINED", "confidentialityImpact": "PARTIAL", "confidentialityRequirement": "NOT DEFINED", "enviromentalScore": 6.8, "exploitability": "FUNCTIONAL", "exploitabilityScore": 10.0, "id": "CVE-2017-3823", "impactScore": 6.4, "integrityImpact": "PARTIAL", "integrityRequirement": "NOT DEFINED", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "remediationLevel": "WORKAROUND", "reportConfidence": "CONFIRMED", "severity": "HIGH", "targetDistribution": "HIGH", "trust": 0.8, "userInterationRequired": null, "vector_string": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-112026", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", 
"availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 8.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-3823", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2017-3823", "trust": 2.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201702-072", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-112026", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2017-3823", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CERT/CC", "id": "VU#909240" }, { "db": "VULHUB", "id": "VHN-112026" }, { "db": "VULMON", "id": "CVE-2017-3823" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. 
A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programming interface (API) response parser within the extension. An attacker who can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser. Cisco WebEx is an online conferencing system. In online meetings that use WebEx, participants typically join the meeting through a link on a web page. When the link is followed, the WebEx software is started through a web browser extension. A vulnerability (CWE-78) exists. \nThis issue is being tracked by Cisco Bug IDs CSCvc86959 and CSCvc88194. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
Cisco WebEx extensions and plugins have security vulnerabilities", "sources": [ { "db": "NVD", "id": "CVE-2017-3823" }, { "db": "CERT/CC", "id": "VU#909240" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "BID", "id": "95737" }, { "db": "VULHUB", "id": "VHN-112026" }, { "db": "VULMON", "id": "CVE-2017-3823" } ], "trust": 2.79 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-112026", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-112026" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-3823", "trust": 3.7 }, { "db": "CERT/CC", "id": "VU#909240", "trust": 3.1 }, { "db": "BID", "id": "95737", "trust": 1.5 }, { "db": "SECTRACK", "id": "1037680", "trust": 1.2 }, { "db": "JVN", "id": "JVNVU90868591", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2017-001113", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201702-072", "trust": 0.7 }, { "db": "PACKETSTORM", "id": "140870", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-112026", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2017-3823", "trust": 0.1 } ], "sources": [ { "db": "CERT/CC", "id": "VU#909240" }, { "db": "VULHUB", "id": "VHN-112026" }, { "db": "VULMON", "id": "CVE-2017-3823" }, { "db": "BID", "id": "95737" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "id": "VAR-201702-0790", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-112026" } ], "trust": 0.01 }, "last_update_date": "2024-02-13T23:03:47.930000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Cisco WebEx Browser Extension Remote Code Execution Vulnerability (cisco-sa-20170124-webex)", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170124-webex" }, { "title": "Per-Site ActiveX Controls", "trust": 0.8, "url": "https://msdn.microsoft.com/en-us/library/dd433050(v=vs.85).aspx" }, { "title": "How to stop an ActiveX control from running in Internet Explorer", "trust": 0.8, "url": "https://support.microsoft.com/ja-jp/help/240797/how-to-stop-an-activex-control-from-running-in-internet-explorer" }, { "title": "Meeting Services Removal Tool - Support Utilities", "trust": 0.8, "url": "https://jajp.help.webex.com/docs/doc-2672#jive_content_id_meeting_services_removal_tool_" }, { "title": "Cisco WebEx extensions and plugins Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68286" }, { "title": "Cisco: Cisco WebEx Browser Extension Remote Code Execution Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20170124-webex" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2019/04/01/security_roundup_290319/" }, { "title": "The Register", "trust": 0.1, "url": "https://www.theregister.co.uk/2017/08/16/disdain_exploit_kit/" } ], "sources": [ { "db": "VULMON", "id": "CVE-2017-3823" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" } ] }, "problemtype_data": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 }, { "problemtype": "CWE-78", "trust": 0.8 } ], "sources": [ { "db": "VULHUB", "id": "VHN-112026" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170124-webex" }, { "trust": 2.4, "url": "https://www.kb.cert.org/vuls/id/909240" }, { "trust": 2.3, "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "trust": 2.0, "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" }, { "trust": 2.0, "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "trust": 1.2, "url": "http://www.securityfocus.com/bid/95737" }, { "trust": 1.2, "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "trust": 1.2, "url": "http://www.securitytracker.com/id/1037680" }, { "trust": 0.8, "url": "https://help.webex.com/docs/doc-2672" }, { "trust": 0.8, "url": "https://msdn.microsoft.com/en-us/library/dd433050(v=vs.85).aspx#_user" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3823" }, { "trust": 0.8, "url": "http://jvn.jp/vu/jvnvu90868591/" }, { "trust": 0.8, "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-3823" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.3, "url": "webex.com" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CERT/CC", "id": 
"VU#909240" }, { "db": "VULHUB", "id": "VHN-112026" }, { "db": "VULMON", "id": "CVE-2017-3823" }, { "db": "BID", "id": "95737" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CERT/CC", "id": "VU#909240" }, { "db": "VULHUB", "id": "VHN-112026" }, { "db": "VULMON", "id": "CVE-2017-3823" }, { "db": "BID", "id": "95737" }, { "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "db": "CNNVD", "id": "CNNVD-201702-072" }, { "db": "NVD", "id": "CVE-2017-3823" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-01-27T00:00:00", "db": "CERT/CC", "id": "VU#909240" }, { "date": "2017-02-01T00:00:00", "db": "VULHUB", "id": "VHN-112026" }, { "date": "2017-02-01T00:00:00", "db": "VULMON", "id": "CVE-2017-3823" }, { "date": "2017-01-24T00:00:00", "db": "BID", "id": "95737" }, { "date": "2017-01-31T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "date": "2017-02-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-072" }, { "date": "2017-02-01T11:59:00.133000", "db": "NVD", "id": "CVE-2017-3823" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-01-27T00:00:00", "db": "CERT/CC", "id": "VU#909240" }, { "date": "2017-10-10T00:00:00", "db": "VULHUB", "id": "VHN-112026" }, { "date": "2017-10-10T00:00:00", "db": "VULMON", "id": "CVE-2017-3823" }, { "date": "2017-02-02T01:03:00", "db": "BID", "id": "95737" }, { "date": "2017-03-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-001113" }, { "date": "2019-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-072" }, { "date": "2017-10-10T01:30:22.267000", "db": "NVD", "id": 
"CVE-2017-3823" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-072" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx web browser extension allows arbitrary code execution", "sources": [ { "db": "CERT/CC", "id": "VU#909240" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-072" } ], "trust": 0.6 } }
var-202011-1340
Vulnerability from variot
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1340", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "40.7.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "40.8.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": 
"cisco", "version": "40.6.11" }, { "model": "cisco webex meetings", "scope": "eq", "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco webex meetings", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.8.0", "versionStartIncluding": "40.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.6.11", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-3604" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Francis Provencher {PRL}", "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" } ], "trust": 0.7 }, "cve": "CVE-2020-3604", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2020-3604", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-181729", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-3604", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-3604", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-3604", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2020-3604", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2020-3604", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202011-340", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-181729", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "VULHUB", "id": "VHN-181729" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in 
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer", "sources": [ { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "VULHUB", "id": "VHN-181729" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-3604", "trust": 3.2 }, { "db": "ZDI", "id": "ZDI-20-1363", "trust": 2.4 }, { "db": "JVNDB", "id": "JVNDB-2020-013129", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-11175", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202011-340", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.3855", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-181729", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "VULHUB", "id": "VHN-181729" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "id": "VAR-202011-1340", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-181729" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:16:43.673000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-webex-nbr-NOS6FQ24", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "title": "Cisco Webex Network Recording Player Buffer error vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=133186" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "Buffer error (CWE-119) [NVD Evaluation ]", "trust": 0.8 }, { "problemtype": "CWE-119", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-181729" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "trust": 1.7, "url": "https://www.zerodayinitiative.com/advisories/zdi-20-1363/" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3604" }, { 
"trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3855/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "VULHUB", "id": "VHN-181729" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-20-1363" }, { "db": "VULHUB", "id": "VHN-181729" }, { "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "db": "NVD", "id": "CVE-2020-3604" }, { "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1363" }, { "date": "2020-11-06T00:00:00", "db": "VULHUB", "id": "VHN-181729" }, { "date": "2021-06-18T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "date": "2020-11-06T19:15:15.767000", "db": "NVD", "id": "CVE-2020-3604" }, { "date": "2020-11-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1363" }, { "date": "2021-10-19T00:00:00", "db": "VULHUB", "id": "VHN-181729" }, { "date": "2021-06-18T09:09:00", "db": "JVNDB", "id": "JVNDB-2020-013129" }, { "date": "2023-11-07T03:23:00.817000", "db": "NVD", "id": "CVE-2020-3604" }, { "date": "2021-10-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202011-340" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-340" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows\u00a0 for \u00a0Cisco\u00a0Webex\u00a0Network\u00a0Recording\u00a0Player\u00a0 and \u00a0Cisco\u00a0Webex\u00a0Player\u00a0 Buffer Error Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-013129" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-340" } ], "trust": 0.6 } }
var-201711-0383
Vulnerability from variot
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf57234, CSCvg54868, CSCvg54870. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvf57234, CSCvg54868, and CSCvg54870. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). Authentication is not required to exploit this vulnerability. The specific flaw exists within the wbx URI handler. When parsing the register parameter, the process does not properly validate a user-supplied string before using it to execute a system command. An attacker can leverage this vulnerability to execute commands under the context of the current user. Multiple Cisco WebEx products are prone to the following security vulnerabilities: 1. Multiple remote code-execution vulnerabilities 2. Failed exploit attempts will likely result in denial-of-service conditions. The Cisco WebEx Business Suite (WBS30) client and related products are the client software of Cisco's video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2; WebEx Meetings with client builds prior to T31.14; WebEx Meeting Server builds prior to 2.7MR3. Note that this text is aggregated from several source databases (listed under "sources" in the record below), which is why it combines the ARF/WRF file-handling description with a description of a flaw in the wbx URI handler.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201711-0383", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, 
"vendor": "cisco", "version": "t31.11.2" }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t30" }, { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t29" }, { "model": "webex business suite client", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "0" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings client", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meeting server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite client t31.10", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.17", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings client t31.14", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meeting server 2.7mr3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t32.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t31.14.1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite client t30.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, 
"cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t31.11.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-12372" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "rgod", "sources": [ { "db": "ZDI", "id": "ZDI-17-933" } ], "trust": 0.7 }, "cve": "CVE-2017-12372", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": 
"Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2017-12372", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-102888", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.6, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "impactScore": 6.0, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.6, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-12372", "impactScore": 
null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2017-12372", "trust": 1.8, "value": "CRITICAL" }, { "author": "ZDI", "id": "CVE-2017-12372", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201711-1145", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-102888", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "VULHUB", "id": "VHN-102888" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A \"Cisco WebEx Network Recording Player Remote Code Execution Vulnerability\" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf57234, CSCvg54868, CSCvg54870. Vendors have confirmed this vulnerability Bug ID CSCvf57234 , CSCvg54868 ,and CSCvg54870 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Authentication is not required to exploit this vulnerability.The specific flaw exists within the wbx URI handler. 
When parsing the register parameter, the process does not properly validate a user-supplied string before using it to execute a system command. An attacker can leverage this vulnerability to execute commands under the context of the current user. Multiple Cisco WebEx Products are prone to the following security vulnerabilities:\n1. Multiple remote code-execution vulnerabilities\n2. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx Business Suite (WBS30) client and so on are the client software of Cisco\u0027s video conferencing solution. The following products and versions are affected: Cisco WebEx Business Suite (WBS30) client builds prior to T30.20; WebEx Business Suite (WBS31) client builds prior to T31.14.1; WebEx Business Suite (WBS32) client builds prior to T32.2 versions before WebEx Meetings with client builds prior to T31.14; versions prior to WebEx Meeting Server builds 2.7MR3", "sources": [ { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "BID", "id": "102017" }, { "db": "VULHUB", "id": "VHN-102888" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-12372", "trust": 3.6 }, { "db": "BID", "id": "102017", "trust": 2.0 }, { "db": "SECTRACK", "id": "1039895", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2017-010395", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5041", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-17-933", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201711-1145", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-102888", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "145176", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "VULHUB", "id": "VHN-102888" }, { 
"db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "id": "VAR-201711-0383", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-102888" } ], "trust": 0.6857143 }, "last_update_date": "2023-12-18T12:44:20.800000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20171129-webex-players", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "title": "Multiple Cisco product WebEx Recording Format Player and Advanced Recording Format Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=76800" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-102888" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "NVD", "id": "CVE-2017-12372" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": 
"https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20171129-webex-players" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/102017" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1039895" }, { "trust": 0.9, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12372" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-12372" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12369" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12367" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12368" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12370" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2017-12371" } ], "sources": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "VULHUB", "id": "VHN-102888" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-17-933" }, { "db": "VULHUB", "id": "VHN-102888" }, { "db": "BID", "id": "102017" }, { "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "db": "PACKETSTORM", "id": "145176" }, { "db": "NVD", "id": "CVE-2017-12372" }, { "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-933" }, { "date": "2017-11-30T00:00:00", "db": "VULHUB", "id": "VHN-102888" }, { "date": "2017-11-29T00:00:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "date": 
"2017-12-01T03:05:38", "db": "PACKETSTORM", "id": "145176" }, { "date": "2017-11-30T09:29:01.713000", "db": "NVD", "id": "CVE-2017-12372" }, { "date": "2017-11-30T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-12-06T00:00:00", "db": "ZDI", "id": "ZDI-17-933" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-102888" }, { "date": "2017-12-19T22:01:00", "db": "BID", "id": "102017" }, { "date": "2017-12-13T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-010395" }, { "date": "2019-10-09T23:23:02.340000", "db": "NVD", "id": "CVE-2017-12372" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201711-1145" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1145" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Network Recording Player for Advanced Recording Format and WebEx Recording Format Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-010395" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201711-1145" } ], "trust": 0.6 } }
var-201305-0014
Vulnerability from variot
Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176. Cisco WebEx for iOS is prone to a security-bypass vulnerability. Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers, which will aid further attacks. Cisco WebEx for iOS 4.1 is vulnerable; other versions may also be affected. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201305-0014", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "4.1" }, { "model": "webex", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "for ios 4.1" }, { "model": "webex for ios", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": 
"4.1" } ], "sources": [ { "db": "BID", "id": "60155" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "NVD", "id": "CVE-2012-6399" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:4.1:-:*:*:*:iphone_os:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-6399" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Charlie Eriksen via Secunia.", "sources": [ { "db": "BID", "id": "60155" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ], "trust": 0.9 }, "cve": "CVE-2012-6399", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 
4.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2012-6399", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-59680", "impactScore": 4.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-6399", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201305-544", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-59680", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-59680" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "NVD", "id": "CVE-2012-6399" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the 
X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176. Cisco WebEx for iOS is prone to a security-bypass vulnerability. \nSuccessfully exploiting this issue allows attackers to perform man-in-the-middle attacks or impersonate trusted servers which will aid further attacks. \nCisco WebEx for iOS 4.1 is vulnerable; other versions may also be affected. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)", "sources": [ { "db": "NVD", "id": "CVE-2012-6399" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "BID", "id": "60155" }, { "db": "VULHUB", "id": "VHN-59680" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-6399", "trust": 2.8 }, { "db": "SECUNIA", "id": "51412", "trust": 1.7 }, { "db": "BID", "id": "60155", "trust": 1.0 }, { "db": "JVNDB", "id": "JVNDB-2013-002832", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201305-544", "trust": 0.7 }, { "db": "SEEBUG", "id": "SSVID-60809", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-59680", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-59680" }, { "db": "BID", "id": "60155" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "NVD", "id": "CVE-2012-6399" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "id": "VAR-201305-0014", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": 
"VHN-59680" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:29:54.149000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Cisco WebEx", "trust": 0.8, "url": "http://www.cisco.com/web/jp/product/hs/webex/index.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002832" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-59680" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "NVD", "id": "CVE-2012-6399" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://secunia.com/advisories/51412" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-6399" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-6399" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/60155" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.3, "url": "http://www.webex.com/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-59680" }, { "db": "BID", "id": "60155" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": "NVD", "id": "CVE-2012-6399" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-59680" }, { "db": "BID", "id": "60155" }, { "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "db": 
"NVD", "id": "CVE-2012-6399" }, { "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-27T00:00:00", "db": "VULHUB", "id": "VHN-59680" }, { "date": "2013-05-24T00:00:00", "db": "BID", "id": "60155" }, { "date": "2013-05-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "date": "2013-05-27T14:55:01.037000", "db": "NVD", "id": "CVE-2012-6399" }, { "date": "2013-05-27T00:00:00", "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-28T00:00:00", "db": "VULHUB", "id": "VHN-59680" }, { "date": "2013-05-24T00:00:00", "db": "BID", "id": "60155" }, { "date": "2013-05-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-002832" }, { "date": "2013-05-28T04:00:00", "db": "NVD", "id": "CVE-2012-6399" }, { "date": "2013-05-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201305-544" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201305-544" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iOS Run on Cisco WebEx In SSL Vulnerability impersonating a server", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-002832" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation", "sources": [ { "db": "CNNVD", "id": "CNNVD-201305-544" } ], 
"trust": 0.6 } }
var-201810-0591
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. These issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions from Cisco.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0591", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings suite", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings suite wbs33.3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings suite wbs32.15.10", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" }, { 
"db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15421" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Ziad Badawi", "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" } ], "trust": 0.7 }, "cve": "CVE-2018-15421", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15421", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15421", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": 
"AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125679", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15421", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15421", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15421", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201809-993", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125679", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" }, { "db": "VULHUB", "id": "VHN-125679" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. 
Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions of Cisco (Cisco)", "sources": [ { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "ZDI", "id": "ZDI-18-1078" }, { "db": "BID", "id": "105374" }, { "db": "VULHUB", "id": "VHN-125679" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15421", "trust": 3.5 }, { "db": "BID", "id": "105374", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041689", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010553", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6254", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1078", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201809-993", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125679", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" }, { "db": "VULHUB", "id": "VHN-125679" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "id": "VAR-201810-0591", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125679" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:18:26.309000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180919-webex", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, 
{ "title": "Cisco Webex Network Recording Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85102" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125679" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105374" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041689" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15421" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15421" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.3, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex " } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1078" }, { "db": "VULHUB", "id": "VHN-125679" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": 
"ZDI-18-1078" }, { "db": "VULHUB", "id": "VHN-125679" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "db": "NVD", "id": "CVE-2018-15421" }, { "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1078" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125679" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "date": "2018-10-05T14:29:10.747000", "db": "NVD", "id": "CVE-2018-15421" }, { "date": "2018-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1078" }, { "date": "2020-09-16T00:00:00", "db": "VULHUB", "id": "VHN-125679" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010553" }, { "date": "2020-09-16T14:16:01.580000", "db": "NVD", "id": "CVE-2018-15421" }, { "date": "2020-10-22T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-993" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-993" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", 
"id": "JVNDB-2018-010553" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-993" } ], "trust": 0.6 } }
var-200912-0440
Vulnerability from variot
Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - Complete
    Availability Impact - Complete
CVSS Temporal Score - 7.7
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release so for example, if release 27.10.1 is fixed, then release 27.10.2 will have the fix too.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+
| Revision 1.0 | 2009-December-16 | Initial public release   |
+------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2009 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------
Updated: Dec 16, 2009 Document ID: 110946
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs
IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh
=KaHv
-----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0440", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2875" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-258" } ], "trust": 0.6 }, "cve": "CVE-2009-2875", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2875", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40321", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2875", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-258", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40321", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40321" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service 
(application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. 
\n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. \n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. 
\n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF Player. The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. The\nvulnerability cannot be triggered by users attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). 
The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. \n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. 
\n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. 
By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. 
\n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. 
All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40321" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.16 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-40321", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40321" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2875", "trust": 2.9 }, { "db": "BID", "id": "37352", "trust": 2.8 }, { "db": "SECUNIA", "id": "37810", "trust": 2.6 }, { "db": "SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "OSVDB", "id": "61125", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54841", "trust": 1.4 }, { "db": "JVNDB", "id": "JVNDB-2009-002683", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-258", "trust": 0.7 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-40321", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 } ], 
"sources": [ { "db": "VULHUB", "id": "VHN-40321" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "id": "VAR-200912-0440", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40321" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.356000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, 
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002683" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40321" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "NVD", "id": "CVE-2009-2875" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.5, "url": "http://www.osvdb.org/61125" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.5, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.7, "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.4, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2875" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2875" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." 
}, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." }, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40321" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40321" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2875" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40321" }, { "date": "2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.313000", "db": "NVD", "id": "CVE-2009-2875" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": 
"VULHUB", "id": "VHN-40321" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002683" }, { "date": "2017-08-17T01:30:56.397000", "db": "NVD", "id": "CVE-2009-2875" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-258" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-258" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of atas32.dll Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002683" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-258" } ], "trust": 0.6 } }
var-201807-0426
Vulnerability from variot
Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294. The vendor has released this vulnerability as Bug IDs CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, and CSCvj51294. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of WRF files. Crafted data can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201807-0426", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": null, "trust": 8.4, "vendor": "cisco", "version": null }, { "model": "webex business suite", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "33.0.6" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.6, "vendor": 
"cisco", "version": "1.3.35" }, { "model": "webex business suite", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "31.23" }, { "model": "webex meeting server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "3.0" }, { "model": "webex business suite", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "32.15" }, { "model": "webex business suite", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "33.1.1" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex business suite", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "32.0" }, { "model": "webex business suite", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "31.0" }, { "model": "webex business suite", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "33.2" }, { "model": "webex business suite", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15" }, { "model": "webex business suite", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "31.23" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { 
"model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online t32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online t31.20", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online t31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings suite wbs33.2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings suite wbs32.15", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { 
"db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "BID", "id": "104853" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:1.3.35:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.35", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:31.23:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:33.0.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:33.1.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15", "versionStartIncluding": "32.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:33.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "33.2", "versionStartIncluding": "33.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:32.15:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "31.23", "versionStartIncluding": "31.0", "vulnerable": true } ], "operator": "OR" }, { "children": [], 
"cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_server:3.0:mr1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0379" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Offensive Security", "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-975" } ], "trust": 3.5 }, "cve": "CVE-2018-0379", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-0379", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 4.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", 
"authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 6.8, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-0379", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 4.3, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "VHN-118581", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", 
"exploitabilityScore": null, "id": "CVE-2018-0379", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "ZDI", "id": "CVE-2018-0379", "trust": 8.4, "value": "MEDIUM" }, { "author": "NVD", "id": "CVE-2018-0379", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201807-1295", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-118581", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "VULHUB", "id": "VHN-118581" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. 
These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294. Vendors have confirmed this vulnerability Bug IDs: CSCvi02621 , CSCvi02965 , CSCvi63329 , CSCvi63333 , CSCvi63335 , CSCvi63374 , CSCvi63376 , CSCvi63377 , CSCvi63391 , CSCvi63392 , CSCvi63396 , CSCvi63495 , CSCvi63497 , CSCvi63498 , CSCvi82684 , CSCvi82700 , CSCvi82705 , CSCvi82725 , CSCvi82737 , CSCvi82742 , CSCvi82760 , CSCvi82771 , CSCvj51284 , CSCvj51294 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a heap-based buffer. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Recorder and Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of WRF files. Crafted data can trigger an overflow of a heap-based buffer. 
An attacker can leverage this vulnerability to execute code under the context of the current process", "sources": [ { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "BID", "id": "104853" }, { "db": "VULHUB", "id": "VHN-118581" } ], "trust": 9.54 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0379", "trust": 11.2 }, { "db": "BID", "id": "104853", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041347", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-009077", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5720", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-973", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5724", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-977", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5600", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-968", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5703", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-970", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5593", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-967", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5723", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-974", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5601", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-969", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5705", "trust": 
0.7 }, { "db": "ZDI", "id": "ZDI-18-972", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5972", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-978", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5722", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-976", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5704", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-971", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5721", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-975", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201807-1295", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118581", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "VULHUB", "id": "VHN-118581" }, { "db": "BID", "id": "104853" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "id": "VAR-201807-0426", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118581" } ], "trust": 0.6714285999999999 }, "last_update_date": "2023-12-18T14:01:11.724000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180718-webex-rce", "trust": 9.2, "url": 
"https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180718-webex-rce" }, { "title": "Cisco Webex Network Recording Player Remediation of resource management error vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82196" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118581" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 10.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180718-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/104853" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041347" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0379" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0379" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": 
"ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "VULHUB", "id": "VHN-118581" }, { "db": "BID", "id": "104853" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-968" }, { "db": "ZDI", "id": "ZDI-18-970" }, { "db": "ZDI", "id": "ZDI-18-967" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-969" }, { "db": "ZDI", "id": "ZDI-18-972" }, { "db": "ZDI", "id": "ZDI-18-978" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-971" }, { "db": "ZDI", "id": "ZDI-18-975" }, { "db": "VULHUB", "id": "VHN-118581" }, { "db": "BID", "id": "104853" }, { "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "db": "NVD", "id": "CVE-2018-0379" }, { "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-973" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-977" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-968" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-970" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-967" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-974" }, { "date": 
"2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-969" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-972" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-978" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-976" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-971" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-975" }, { "date": "2018-07-18T00:00:00", "db": "VULHUB", "id": "VHN-118581" }, { "date": "2018-07-18T00:00:00", "db": "BID", "id": "104853" }, { "date": "2018-11-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "date": "2018-07-18T23:29:00.963000", "db": "NVD", "id": "CVE-2018-0379" }, { "date": "2018-07-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-973" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-977" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-968" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-970" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-967" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-974" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-969" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-972" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-978" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-976" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-971" }, { "date": "2018-08-31T00:00:00", "db": "ZDI", "id": "ZDI-18-975" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118581" }, { "date": "2018-07-18T00:00:00", "db": "BID", "id": "104853" }, { "date": "2018-11-07T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-009077" }, { "date": "2019-10-09T23:31:55.537000", "db": "NVD", 
"id": "CVE-2018-0379" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201807-1295" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201807-1295" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Network Recording Player NBRQA Integer Overflow Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-18-973" }, { "db": "ZDI", "id": "ZDI-18-977" }, { "db": "ZDI", "id": "ZDI-18-974" }, { "db": "ZDI", "id": "ZDI-18-976" }, { "db": "ZDI", "id": "ZDI-18-975" } ], "trust": 3.5 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201807-1295" } ], "trust": 0.6 } }
var-201206-0110
Vulnerability from variot
Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953. The Cisco WebEx Recording Format (WRF) player contains a stack-based buffer overflow vulnerability, tracked as Bug ID CSCtz72953: a third party may execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file. The CVSS v2 data in this record marks user interaction as required. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF Processing Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49750
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49750
RELEASE DATE: 2012-06-28
DISCUSS ADVISORY: http://secunia.com/advisories/49750/#comments
DESCRIPTION: Multiple vulnerabilities have been reported in WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error when processing WRF files can be exploited to cause a heap-based buffer overflow.
2) An error when processing the JPEG DHT chunk within a WRF file can be exploited to cause a stack-based buffer overflow.
3) An unspecified error when processing WRF files can be exploited to corrupt memory.
4) An error when processing the Audio size within a WRF file can be exploited to cause a heap-based buffer overflow.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * Client builds 28.0.0 (T28 L10N). * Client builds 27.32.1 (T27 LD SP32 CP1) and prior. * Client builds 27.25.10 (T27 LC SP25 EP10) and prior. * Client builds 27.21.10 (T27 LB SP21 EP10) and prior. * Client builds 27.11.26 (T27 L SP11 EP26) and prior.
SOLUTION: Update to a fixed client build (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense and Microsoft Vulnerability Research (MSVR).
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex
About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0110", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.32.0" }, { "model": "webex recording format player", "scope": "gte", 
"trust": 1.0, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.21.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.11.0" }, { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.25.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "28.0.1" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.25.10 (t27 lc sp25 ep10)" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.32.1 (t27 ld sp32 cp1)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "client builds 28.0.0 (t28 l10n)" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": 
null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os t27 
sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (ma t27 ld sp32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": 
"webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3055" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { 
"@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iDefense and Microsoft Vulnerability Research (MSVR)", "sources": [ { "db": "BID", "id": "54213" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ], "trust": 0.9 }, "cve": "CVE-2012-3055", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3055", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { 
"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-56336", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3055", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201206-527", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-56336", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-56336" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953. Cisco WebEx Recording Format (WRF) player Contains a stack-based buffer overflow vulnerability. The problem is Bug ID CSCtz72953 It is a problem.By a third party WRF In the file JPEG Artfully crafted in the image DHT Arbitrary code may be executed via chunks. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. 
Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF Processing Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49750\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49750/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nRELEASE DATE:\n2012-06-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49750/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49750/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in WebEx Recording Format\nPlayer, which can be exploited by malicious people to compromise a\nuser\u0027s system. 
\n\n1) An unspecified error when processing WRF files can be exploited to\ncause a heap-based buffer overflow. \n\n2) An error when processing the JPEG DHT chunk within a WRF file can\nbe exploited to cause a stack-based buffer overflow. \n\n3) An unspecified error when processing WRF files can be exploited to\ncorrupt memory. \n\n4) An error when processing the Audio size within a WRF file can be\nexploited to cause a heap-based buffer overflow. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* Client builds 28.0.0 (T28 L10N). \n* Client builds 27.32.1 (T27 LD SP32 CP1) and prior. \n* Client builds 27.25.10 (T27 LC SP25 EP10) and prior. \n* Client builds 27.21.10 (T27 LB SP21 EP10) and prior. \n* Client builds 27.11.26 (T27 L SP11 EP26) and prior. \n\nSOLUTION:\nUpdate to a fixed client build (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDefense and Microsoft Vulnerability Research\n(MSVR). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "BID", "id": "54213" }, { "db": "VULHUB", "id": "VHN-56336" }, { "db": "PACKETSTORM", "id": "114290" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3055", "trust": 2.8 }, { "db": "BID", "id": "54213", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2012-002943", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201206-527", "trust": 0.7 }, { "db": "SECUNIA", "id": "49750", "trust": 0.7 }, { "db": "CISCO", "id": "20120627 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19900", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-56336", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114290", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56336" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "id": 
"VAR-201206-0110", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-56336" } ], "trust": 0.7296153719999999 }, "last_update_date": "2023-12-18T12:10:04.553000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "title": "26207", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26207" }, { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115508_cisco-sa-20120627-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002943" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56336" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "NVD", "id": "CVE-2012-3055" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3055" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3055" }, { 
"trust": 0.6, "url": "http://secunia.com/advisories/49750" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/54213" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19900" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56336" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-56336" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3055" }, { "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-06-29T00:00:00", "db": "VULHUB", "id": "VHN-56336" }, { "date": "2012-06-27T00:00:00", "db": "BID", "id": 
"54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "date": "2012-06-28T06:12:23", "db": "PACKETSTORM", "id": "114290" }, { "date": "2012-06-29T14:55:01.093000", "db": "NVD", "id": "CVE-2012-3055" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-03T00:00:00", "db": "VULHUB", "id": "VHN-56336" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002943" }, { "date": "2018-12-03T13:50:06.720000", "db": "NVD", "id": "CVE-2012-3055" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-527" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-527" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format player Vulnerable to stack-based buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002943" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-527" } ], "trust": 0.6 } }
var-201810-0631
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained, information may be altered, and service operation may be disrupted (DoS). When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. These issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions from Cisco.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0631", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.6" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings suite", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "0" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.1" }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.0" }, { "model": "webex business suite 32", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex business suite 33", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "33.2" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings suite wbs33.3", "scope": "ne", "trust": 0.3, 
"vendor": "cisco", "version": null }, { "model": "webex meetings suite wbs32.15.10", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15414" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { 
"@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" } ], "trust": 0.7 }, "cve": "CVE-2018-15414", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15414", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, 
"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15414", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125671", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15414", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15414", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15414", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", 
"id": "CNNVD-201809-992", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125671", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "VULHUB", "id": "VHN-125671" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. When parsing an ARF file, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvj63665, CSCvj63672, CSCvj63676, CSCvj63717, CSCvj63724, CSCvj63729, CSCvj67334, CSCvj67339, and CSCvj67344. 
Cisco Webex Meetings Suite and others are multi-functional video conferencing solutions of Cisco (Cisco)", "sources": [ { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "BID", "id": "105374" }, { "db": "VULHUB", "id": "VHN-125671" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15414", "trust": 3.5 }, { "db": "BID", "id": "105374", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041689", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010830", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6206", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1076", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201809-992", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125671", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "VULHUB", "id": "VHN-125671" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "id": "VAR-201810-0631", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125671" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:18:26.361000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180919-webex", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, 
{ "title": "Cisco Webex Network Recording Player Security vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85100" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125671" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105374" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041689" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15414" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15414" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.3, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180919-webex " } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "VULHUB", "id": "VHN-125671" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1076" }, { "db": "VULHUB", "id": 
"VHN-125671" }, { "db": "BID", "id": "105374" }, { "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "db": "NVD", "id": "CVE-2018-15414" }, { "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1076" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125671" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "date": "2018-10-05T14:29:09.950000", "db": "NVD", "id": "CVE-2018-15414" }, { "date": "2018-09-21T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-09-21T00:00:00", "db": "ZDI", "id": "ZDI-18-1076" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125671" }, { "date": "2018-09-19T00:00:00", "db": "BID", "id": "105374" }, { "date": "2018-12-25T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010830" }, { "date": "2019-10-09T23:35:34.203000", "db": "NVD", "id": "CVE-2018-15414" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201809-992" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-992" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010830" } ], "trust": 
0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201809-992" } ], "trust": 0.6 } }
var-201807-0432
Vulnerability from variot
A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user's browser in the context of the affected site. Cisco Bug IDs: CSCvj33287. Cisco Webex contains a cross-site scripting vulnerability. The vendor has confirmed this vulnerability and released it as Bug ID CSCvj33287. Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can help office workers in different places coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201807-0432", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", 
"version": "0" } ], "sources": [ { "db": "BID", "id": "104865" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0390" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gabriele Pippi", "sources": [ { "db": "BID", "id": "104865" } ], "trust": 0.3 }, "cve": "CVE-2018-0390", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", 
"obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-0390", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-118592", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-0390", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", "trust": 0.8, "userInteraction": "Required", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0390", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201807-1292", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-118592", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-118592" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user\u0027s browser in the context of the affected site. Cisco Bug IDs: CSCvj33287. Cisco Webex Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability Bug ID CSCvj33287 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. 
WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)", "sources": [ { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "BID", "id": "104865" }, { "db": "VULHUB", "id": "VHN-118592" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0390", "trust": 2.8 }, { "db": "BID", "id": "104865", "trust": 2.0 }, { "db": "JVNDB", "id": "JVNDB-2018-008278", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201807-1292", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118592", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118592" }, { "db": "BID", "id": "104865" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "id": "VAR-201807-0432", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118592" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:43:40.177000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180718-webex-DOM-xss", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180718-webex-dom-xss" }, { "title": "Cisco Webex Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=82193" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { 
"db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118592" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180718-webex-dom-xss" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/104865" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0390" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0390" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-118592" }, { "db": "BID", "id": "104865" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-118592" }, { "db": "BID", "id": "104865" }, { "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "db": "NVD", "id": "CVE-2018-0390" }, { "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-07-18T00:00:00", "db": "VULHUB", "id": "VHN-118592" }, { "date": "2018-07-18T00:00:00", "db": "BID", "id": "104865" }, { "date": "2018-10-12T00:00:00", "db": "JVNDB", "id": 
"JVNDB-2018-008278" }, { "date": "2018-07-18T23:29:01.103000", "db": "NVD", "id": "CVE-2018-0390" }, { "date": "2018-07-19T00:00:00", "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118592" }, { "date": "2018-07-18T00:00:00", "db": "BID", "id": "104865" }, { "date": "2018-10-12T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-008278" }, { "date": "2019-10-09T23:31:57.397000", "db": "NVD", "id": "CVE-2018-0390" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201807-1292" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201807-1292" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Vulnerable to cross-site scripting", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-008278" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201807-1292" } ], "trust": 0.6 } }
var-201102-0053
Vulnerability from variot
Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. Since this site has been identified, no general user action is required. Cisco WebEx is a web conferencing solution. There is a stack-based buffer overflow in the handling of the .atp file format used by Cisco WebEx. Function pointers on the stack can be overwritten, and because DEP and ASLR are disabled, exploitation is very reliable. Cisco WebEx is prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. WebEx is the world's largest provider of network communication services, providing carrier-class network conferencing solutions. WebEx has since been acquired by Cisco. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Core Security Technologies - Corelabs Advisory
http://corelabs.coresecurity.com/
Cisco WebEx .atp and .wrf Overflow Vulnerabilities
- Advisory Information
Title: Cisco WebEx .atp and .wrf Overflow Vulnerabilities Advisory ID: CORE-2010-1001 Advisory URL: [http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities] Date published: 2011-01-31 Date of last update: 2011-01-31 Vendors contacted: Cisco Release mode: Coordinated release
- Vulnerability Description
There are stack overflows on WebEx [1] that can be exploited by sending maliciously crafted .atp and .wrf files to a vulnerable WebEx user. When opened, these files trigger a reliably exploitable stack based buffer overflow. In the .atp case an exception handler can be overwritten on the stack, and most registers can be trivially overwritten.
- Vulnerable packages
. Contact Cisco for a list of vulnerable versions.
- Non-vulnerable packages
. Contact Cisco.
- Vendor Information, Solutions and Workarounds
All clients of WebEx Meeting Center should now be running a patched version according to Cisco. A non-vulnerable version of WebEx Player should be available at [http://www.webex.com/downloadplayer.html].
- Credits
These vulnerabilities were discovered and researched by Federico Muttis, Sebastian Tello and Manuel Muradas from Core Security Technologies during Bugweek 2010 as part of the "Cisco Baby Cisco!" team [2]. The publication of this advisory was coordinated by Pedro Varangot.
- Technical Description
8.1. WebEx Player .wrf Buffer Overflow [CVE-2010-3269]
WebEx Player can be used to playback recordings of WebEx sessions. These recordings can be stored using the .wrf closed and undocumented file format. This vulnerability can also be exploited by publishing a .wrf video file in a meeting, resulting in the compromise of the meeting's participants.
/-----
; Excerpt from sub_6070C050 (disassembly listing, one instruction per line).
; It shows a byte-by-byte copy loop: each pass reads one byte through edi and
; stores it into an esp-relative stack buffer (var_C8C) at index eax.
; The only loop bound visible here is "eax < [var_D84]"; no comparison against
; the size of the destination buffer appears in this excerpt, which is the
; missing check behind the overflow.
; NOTE(review): where var_D84 is set is outside this excerpt - confirm whether
; it is taken from the file. A fix would bound the index by the destination
; buffer's size before the store.
.text:6070C272 loc_6070C272: ; CODE XREF: sub_6070C050+255j
.text:6070C272 test esi, esi ; esi is decremented once per copied byte (dec esi below)
.text:6070C274 jnz short loc_6070C28F ; non-zero: go straight to the copy step
.text:6070C276 push ebx
.text:6070C277 call dword ptr [ebp+0Ch] ; call to function pointer on the stack
.text:6070C27A add esp, 4 ; drop the single pushed argument
.text:6070C27D test al, al
.text:6070C27F jz loc_6070C374 ; callee returned 0 in al: leave the loop (target not shown in this excerpt)
.text:6070C285 mov edi, [ebp+0] ; reload source pointer - presumably after a refill by the callee; confirm
.text:6070C288 mov esi, [ebp+4] ; reload the countdown value
.text:6070C28B mov eax, [esp+0D98h+var_D80] ; restore the destination index saved at 6070C2A1
.text:6070C28F
.text:6070C28F loc_6070C28F: ; CODE XREF: sub_6070C050+224j
.text:6070C28F mov cl, [edi] ; cl can be controlled, it is read from the malicious .wrf file
.text:6070C291 dec esi
.text:6070C292 mov [esp+eax+0D98h+var_C8C], cl ; this mov overflows the stack with user controlled values
.text:6070C299 mov ecx, [esp+0D98h+var_D84] ; loop limit, re-read from the stack on every pass
.text:6070C29D inc edi
.text:6070C29E inc eax
.text:6070C29F cmp eax, ecx ; compares the index with the limit only, not with the buffer size
.text:6070C2A1 mov [esp+0D98h+var_D80], eax ; save the index (mov leaves the flags from cmp intact)
.text:6070C2A5 jl short loc_6070C272 ; signed compare: continue while eax < ecx
- -----/
8.2. If his connection to the server is then severed by a malicious payload, the .atp file will be cycled to the next connected client. We developed trivial examples that take control of EIP using arbitrary characters.
- Report Timeline
. 2010-10-04: Core Security Technologies contacts Cisco PSIRT using their provided PGP key notifying them of the vulnerabilities and sending an advisory draft, a proof of concept for the WebEx Player vulnerability, and a proof of concept for the Meeting Center vulnerability including details of how to reproduce both vulnerabilities, and details about the behaviour of the PoC for the Player vulnerability on Windows XP SP2 (which overwrites EIP with 0x41414141 on that platform). October 18th 2010 (a two weeks timeframe) is set as a potential release date for the advisory. 2010-10-05: Cisco PSIRT contacts Core stating that their development team is out of the office till Friday October 8th. November 15th 2010 is mentioned as an estimated release date for a fix. 2010-10-05: Core replies to Cisco PSIRT postponing the release date of this advisory for one week, to Monday October 25th, in order to contemplate the fact that Cisco's development team is away from office for the week. Further changes to the release date will be made after receiving technical feedback. November the 15th is mentioned to be a possible date to settle on. 2010-10-11: Cisco PSIRT replies acknowledging "an exception in WebEx player" but that doesn't overwrite EIP as Core Security Technologies indicated. Cisco PSIRT also asks for more detailed information about the version of WebEx Player used. 2010-10-12: Core sends the requested information, also attaching new proof of concept exploits for the WebEx Player vulnerability (that now executes code and launches "calc.exe"), and further details about the steps needed to reproduce the WebEx Meeting Center crash. Details about the system where the proof of concept for the WebEx Player vulnerability was run are asked. 
Details about the "exception" are also asked, specially noting that if other registers are overwritten this should be considered as a vulnerability that would possibly lead to reliable code execution even if EIP was not modified (as noted by Core on the e-mail where the PoC was attached). No reply is received to this e-mail. 2010-10-19: Core resends the previous e-mail asking for news about reproduction of the vulnerability on Cisco's side and asking if there was any problem in the reception or interpretation of the last communication. No reply is received to this e-mail. 2010-10-28: Core Security Technologies resends the last e-mail, unilaterally rescheduling the publication of this advisory to November 8th 2010, which is closer to Cisco's initial estimation for the release of a fix. Core states its willingness to reschedule this publication date but only under firm commitment from Cisco to working seriously towards fixing this issue in a scheduled timeframe. An updated advisory draft is attached which includes an updated timeline. 2010-10-30: Cisco PSIRT replies acknowledging the vulnerability, stating that they were able to reproduce code execution results in the currently released version of WebEx, and a crash in their current development version. Cisco also states that there is not information yet from their development team about when a fix for this vulnerability will be released. 2010-11-09: Core replies offering more technical details about exploitation if they are needed, and reminding Cisco that the crash in their development version may also be exploitable even if the current proof of concept exploit only crashes it. The publication date for this advisory is rescheduled to November 22nd 2010. Core states that they will like to schedule a firm date for the release of information about this vulnerability to the public and hence would like to get more information from Cisco about the schedule for the release of a fix. 
2010-11-15: Cisco states that fixed code will be deployed in mid-December, but since WebEx Meeting Center runs on a SaaS environment it takes about four or five weeks for all clients to be running the latest version of the code. 2010-12-06: Cisco contacts Core since no reply was received in the past two weeks, and clarifies that a fix will be deployed on December 15th and should be done on January 11th 2011. 2010-12-06: Core states that they believe this advisory should be released as soon as the fix is deployed, since diffing the WebEx binary on the client side gives full details about the WebEx Meeting Center vulnerability to an average skilled reverse engineer. Core schedules the publication of this advisory to December 15th 2010. 2010-12-07: Cisco contacts Core stating that releasing details about this vulnerability would endanger customers, since there is no action they can take to protect themselves because the responsibility of upgrading the code ran by the customer falls on Cisco. Cisco mentions that "many of these customers are probably shared between Cisco and Core Security". 2010-12-10: Cisco contacts Core stating that they have just discovered the WebEx Meeting Center Vulnerability affects a new set of customers that where not accounted for originally. These are customers running T27SP21 that can not be upgraded to SP22. An emergency patch will be released for SP21 in January 2011, and this sets back the date when all clients should be running an updated version to the "end of January, beginning of February."
. 2010-12-14: Core proposes to split this advisory into two different advisories to better accommodate the WebEx Meeting Center SaaS release cycle. On one advisory, the .wrf client side vulnerability would be described, and the other would be dedicated to the WebEx Meeting Center vulnerability that may compromise a meeting's host computer. Core believes this mitigates the risk in a more effective way, since clients can update WebEx Player by themselves on December 15th (the date when Cisco stated the fixed version would be released) and no details of the Meeting Center vulnerability would be released until all clients are running an updated version. 2010-12-15: Cisco states they wouldn't like the advisory to be splitted, and that they prefer Core Security Technologies to go ahead and release information about both vulnerabilities. 2010-12-15: Core states that they prefer to release two advisories because these are two different bugs, in two pieces of software, each one of them with a differently working update channel determined by the vendor. Core also informs Cisco that the download link for WebEx Player points to a vulnerable version as of today, and asks Cisco to clarify what date they meant as mid-December, since Core would like to know when a fixed version of WebEx Player will be available for download to be able to publish the WebEx Player vulnerability. 2010-12-16: Cisco replies saying that releasing two advisories seems like a good plan to them. Cisco also states that since many of their customers observe a lockdown policy during the holidays season, they take a "don't upgrade" policy of their own until Monday January 10th, 2011. That is the reason why the download link of WebEx Player has not been changed yet. 
2011-01-10: Core states that they are ready to release this advisory on January 11th, and that releasing two separate advisories seems pointless now because the release date of both would be very similar, and the original idea was to mitigate the risk posed by the .wrf vulnerability. Core also states that they are reviewing the best course of action to take with the issue regarding clients running the old version of WebEx (T27SP21) that according to Cisco are unable to upgrade to SP22 since this was not accounted for previously. 2011-01-13: Core states that since they have committed previously to release the advisory taking into account Cisco's consideration about their SaaS patch deploy model, when factoring the issue of clients running the SP21 version of Meeting Center scheduled by Cisco for emergency update on January, a release date of January the 31st seems reasonable. This date should be taken as final and Core Security Technologies believes it takes into account all information given by Cisco about SaaS updating timeframes. If this is not the case Cisco is asked to rectify ASAP. 2011-01-14: Cisco confirms that the timeframe (publishing both vulnerabilities on January 31st) works for them. 2011-01-31: The advisory CORE-2010-1001 is published.
- References
[1] [http://www.webex.com/] [2] [http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=project&name=Bugweek]
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: [http://corelabs.coresecurity.com].
- About Core Security Technologies
Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at [http://www.coresecurity.com].
- Disclaimer
The contents of this advisory are copyright (c) 2011 Core Security Technologies and (c) 2011 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: [http://creativecommons.org/licenses/by-nc-sa/3.0/us/]
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at [http://www.coresecurity.com/files/attachments/core_security_advisories.asc].
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32)
iEYEARECAAYFAk1HJwcACgkQyNibggitWa13VwCfVg6jVkuv3PhqmhNqZFIQO7CB L1YAni1ONdRqEYczbkvki9r0Y7nr9cIQ =9HdA -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0053", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meeting center", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.0" }, { "model": "webex meeting center", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex meeting center", "scope": "lt", 
"trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "BID", "id": "46078" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meeting_center:27.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3270" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico Muttis, Sebasti\u00e1n Tello and Manuel Muradas of Core Security Technologies", "sources": [ { "db": "BID", "id": "46078" } ], "trust": 0.3 }, "cve": "CVE-2010-3270", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": 
"https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "MULTIPLE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.2, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "High", "accessVector": "Network", "authentication": "Multiple", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.8, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3270", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:M/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "MULTIPLE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.2, "id": "VHN-45875", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:H/AU:M/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3270", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201102-033", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-45875", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45875" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "description": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. Since this site has been identified, no general user action is required. Cisco WebEx is a web conferencing solution. There is a stack overflow in the .atp file format provided by Cisco WebEx. The function pointers in the stack can be overwritten, and the DEP and ASLR are disabled, resulting in very stable use of the code. Cisco WebEx is prone to a remote code-execution vulnerability because the application fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit this issue to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. WebEx is the world\u0027s largest provider of network communication services, providing carrier-class network conferencing solutions. Currently WebEx has been acquired by Cisco. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n Core Security Technologies - Corelabs Advisory\n http://corelabs.coresecurity.com/\n\n Cisco WebEx .atp and .wrf Overflow Vulnerabilities\n\n\n\n1. *Advisory Information*\n\nTitle: Cisco WebEx .atp and .wrf Overflow Vulnerabilities\nAdvisory ID: CORE-2010-1001\nAdvisory URL:\n[http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities]\nDate published: 2011-01-31\nDate of last update: 2011-01-31\nVendors contacted: Cisco\nRelease mode: Coordinated release\n\n\n\n2. 
*Vulnerability Description*\n\nThere are stack overflows on WebEx [1] that can be exploited by sending\nmaliciously crafted .atp and .wrf files to a vulnerable WebEx user. When\nopened, these files trigger a reliably exploitable stack based buffer\noverflow. In the .atp case an exception\nhandler can be overwritten on the stack, and most registers can be\ntrivially overwritten. \n\n\n4. *Vulnerable packages*\n\n . Contact Cisco for a list of vulnerable versions. \n\n\n5. *Non-vulnerable packages*\n\n . Contact Cisco. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nAll clients of WebEx Meeting Center should now be running a patched\nversion according to Cisco. A non-vulnerable version of WebEx Player\nshould be available at [http://www.webex.com/downloadplayer.html]. \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Federico Muttis,\nSebastian Tello and Manuel Muradas from Core Security Technologies\nduring Bugweek 2010 as part of the \"Cisco Baby Cisco!\" team [2]. The\npublication of this advisory was coordinated by Pedro Varangot. \n\n\n8. *Technical Description*\n\n\n8.1. *WebEx Player .wrf Buffer Overflow [CVE-2010-3269]*\n\nWebEx Player can be used to playback recordings of WebEx sessions. These\nrecordings can be stored using the .wrf closed and undocumented file\nformat. This vulnerability can also be exploited by publishing a .wrf\nvideo file in a meeting, resulting in the compromise of the meeting\u0027s\nparticipants. 
\n\n/-----\n.text:6070C272 loc_6070C272: ; CODE XREF:\nsub_6070C050+255j\n.text:6070C272 test esi, esi\n.text:6070C274 jnz short loc_6070C28F\n.text:6070C276 push ebx\n.text:6070C277 call dword ptr [ebp+0Ch] ; call to\nfunction pointer on the stack\n.text:6070C27A add esp, 4\n.text:6070C27D test al, al\n.text:6070C27F jz loc_6070C374\n.text:6070C285 mov edi, [ebp+0]\n.text:6070C288 mov esi, [ebp+4]\n.text:6070C28B mov eax, [esp+0D98h+var_D80]\n.text:6070C28F\n.text:6070C28F loc_6070C28F: ; CODE XREF:\nsub_6070C050+224j\n.text:6070C28F mov cl, [edi] ; cl can be\ncontrolled, it is read from the malicious .wrf file\n.text:6070C291 dec esi\n.text:6070C292 mov [esp+eax+0D98h+var_C8C], cl ;\nthis mov overflows the stack with user controlled values\n.text:6070C299 mov ecx, [esp+0D98h+var_D84]\n.text:6070C29D inc edi\n.text:6070C29E inc eax\n.text:6070C29F cmp eax, ecx\n.text:6070C2A1 mov [esp+0D98h+var_D80], eax\n.text:6070C2A5 jl short loc_6070C272\n\n- -----/\n\n\n\n8.2. If his connection to the\nserver is then severed by a malicious payload, the .atp file will be\ncycled to the next connected client. We\ndeveloped trivial examples that take control of EIP using arbitrary\ncharacters. \n\n\n9. *Report Timeline*\n\n. 2010-10-04:\nCore Security Technologies contacts Cisco PSIRT using their provided PGP\nkey notifying them of the vulnerabilities and sending an advisory draft,\na proof of concept for the WebEx Player vulnerability, and a proof of\nconcept for the Meeting Center vulnerability including details of how to\nreproduce both vulnerabilities, and details about the behaviour of the\nPoC for the Player vulnerability on Windows XP SP2 (which overwrites EIP\nwith 0x41414141 on that platform). October 18th 2010 (a two weeks\ntimeframe) is set as a potential release date for the advisory. 2010-10-05:\nCisco PSIRT contacts Core stating that their development team is out of\nthe office till Friday October 8th. 
November 15th 2010 is mentioned as\nan estimated release date for a fix. 2010-10-05:\nCore replies to Cisco PSIRT postponing the release date of this advisory\nfor one week, to Monday October 25th, in order to contemplate the fact\nthat Cisco\u0027s development team is away from office for the week. Further\nchanges to the release date will be made after receiving technical\nfeedback. November the 15th is mentioned to be a possible date to settle\non. 2010-10-11:\nCisco PSIRT replies acknowledging \"an exception in WebEx player\" but\nthat doesn\u0027t overwrite EIP as Core Security Technologies indicated. Cisco PSIRT also asks for more detailed information\nabout the version of WebEx Player used. 2010-10-12:\nCore sends the requested information, also attaching new proof of\nconcept exploits for the WebEx Player vulnerability (that now executes\ncode and launches \"calc.exe\"), and further details about the steps\nneeded to reproduce the WebEx Meeting Center crash. Details about the\nsystem where the proof of concept for the WebEx Player vulnerability was\nrun are asked. Details about the \"exception\" are also asked, specially\nnoting that if other registers are overwritten this should be considered\nas a vulnerability that would possibly lead to reliable code execution\neven if EIP was not modified (as noted by Core on the e-mail where the\nPoC was attached). No reply is received to this e-mail. 2010-10-19:\nCore resends the previous e-mail asking for news about reproduction of\nthe vulnerability on Cisco\u0027s side and asking if there was any problem in\nthe reception or interpretation of the last communication. No reply is\nreceived to this e-mail. 2010-10-28:\nCore Security Technologies resends the last e-mail, unilaterally\nrescheduling the publication of this advisory to November 8th 2010,\nwhich is closer to Cisco\u0027s initial estimation for the release of a fix. 
\nCore states its willingness to reschedule this publication date but only\nunder firm commitment from Cisco to working seriously towards fixing\nthis issue in a scheduled timeframe. An updated advisory draft is\nattached which includes an updated timeline. 2010-10-30:\nCisco PSIRT replies acknowledging the vulnerability, stating that they\nwere able to reproduce code execution results in the currently released\nversion of WebEx, and a crash in their current development version. \nCisco also states that there is not information yet from their\ndevelopment team about when a fix for this vulnerability will be released. 2010-11-09:\nCore replies offering more technical details about exploitation if they\nare needed, and reminding Cisco that the crash in their development\nversion may also be exploitable even if the current proof of concept\nexploit only crashes it. The publication date for this advisory is\nrescheduled to November 22nd 2010. Core states that they will like to\nschedule a firm date for the release of information about this\nvulnerability to the public and hence would like to get more information\nfrom Cisco about the schedule for the release of a fix. 2010-11-15:\nCisco states that fixed code will be deployed in mid-December, but since\nWebEx Meeting Center runs on a SaaS environment it takes about four or\nfive weeks for all clients to be running the latest version of the code. 2010-12-06:\nCisco contacts Core since no reply was received in the past two weeks,\nand clarifies that a fix will be deployed on December 15th and should be\ndone on January 11th 2011. 2010-12-06:\nCore states that they believe this advisory should be released as soon\nas the fix is deployed, since diffing the WebEx binary on the client\nside gives full details about the WebEx Meeting Center vulnerability to\nan average skilled reverse engineer. Core schedules the publication of\nthis advisory to December 15th 2010. 
2010-12-07:\nCisco contacts Core stating that releasing details about this\nvulnerability would endanger customers, since there is no action they\ncan take to protect themselves because the responsibility of upgrading\nthe code ran by the customer falls on Cisco. Cisco mentions that \"many\nof these customers are probably shared between Cisco and Core Security\". 2010-12-10:\nCisco contacts Core stating that they have just discovered the WebEx\nMeeting Center Vulnerability affects a new set of customers that where\nnot accounted for originally. These are customers running T27SP21 that\ncan not be upgraded to SP22. An emergency patch will be released for\nSP21 in January 2011, and this sets back the date when all clients\nshould be running an updated version to the \"end of January, beginning\nof February.\"\n\n. 2010-12-14:\nCore proposes to split this advisory into two different advisories to\nbetter accommodate the WebEx Meeting Center SaaS release cycle. On one\nadvisory, the .wrf client side vulnerability would be described, and the\nother would be dedicated to the WebEx Meeting Center vulnerability that\nmay compromise a meeting\u0027s host computer. Core believes this mitigates\nthe risk in a more effective way, since clients can update WebEx Player\nby themselves on December 15th (the date when Cisco stated the fixed\nversion would be released) and no details of the Meeting Center\nvulnerability would be released until all clients are running an updated\nversion. 2010-12-15:\nCisco states they wouldn\u0027t like the advisory to be splitted, and that\nthey prefer Core Security Technologies to go ahead and release\ninformation about both vulnerabilities. 2010-12-15:\nCore states that they prefer to release two advisories because these are\ntwo different bugs, in two pieces of software, each one of them with a\ndifferently working update channel determined by the vendor. 
Core also\ninforms Cisco that the download link for WebEx Player points to a\nvulnerable version as of today, and asks Cisco to clarify what date they\nmeant as mid-December, since Core would like to know when a fixed\nversion of WebEx Player will be available for download to be able to\npublish the WebEx Player vulnerability. 2010-12-16:\nCisco replies saying that releasing two advisories seems like a good\nplan to them. Cisco also states that since many of their customers\nobserve a lockdown policy during the holidays season, they take a \"don\u0027t\nupgrade\" policy of their own until Monday January 10th, 2011. That is\nthe reason why the download link of WebEx Player has not been changed yet. 2011-01-10:\nCore states that they are ready to release this advisory on January\n11th, and that releasing two separate advisories seems pointless now\nbecause the release date of both would be very similar, and the original\nidea was to mitigate the risk posed by the .wrf vulnerability. Core also\nstates that they are reviewing the best course of action to take with\nthe issue regarding clients running the old version of WebEx (T27SP21)\nthat according to Cisco are unable to upgrade to SP22 since this was not\naccounted for previously. 2011-01-13:\nCore states that since they have committed previously to release the\nadvisory taking into account Cisco\u0027s consideration about their SaaS\npatch deploy model, when factoring the issue of clients running the SP21\nversion of Meeting Center scheduled by Cisco for emergency update on\nJanuary, a release date of January the 31st seems reasonable. This date\nshould be taken as final and Core Security Technologies believes it\ntakes into account all information given by Cisco about SaaS updating\ntimeframes. If this is not the case Cisco is asked to rectify ASAP. 2011-01-14:\nCisco confirms that the timeframe (publishing both vulnerabilities on\nJanuary 31st) works for them. 
2011-01-31:\nThe advisory CORE-2010-1001 is published. \n\n\n\n10. *References*\n\n[1] [http://www.webex.com/]\n[2]\n[http://corelabs.coresecurity.com/index.php?module=Wiki\u0026action=view\u0026type=project\u0026name=Bugweek]\n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\n[http://corelabs.coresecurity.com]. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies develops strategic solutions that help\nsecurity-conscious organizations worldwide develop and maintain a\nproactive process for securing their networks. The company\u0027s flagship\nproduct, CORE IMPACT, is the most comprehensive product for performing\nenterprise security assurance testing. CORE IMPACT evaluates network,\nendpoint and end-user vulnerabilities and identifies what resources are\nexposed. It enables organizations to determine if current security\ninvestments are detecting and preventing attacks. Core Security\nTechnologies augments its leading technology solution with world-class\nsecurity consulting services, including penetration testing and software\nsecurity auditing. Based in Boston, MA and Buenos Aires, Argentina, Core\nSecurity Technologies can be reached at 617-399-6980 or on the Web at\n[http://www.coresecurity.com]. \n\n\n13. 
*Disclaimer*\n\nThe contents of this advisory are copyright (c) 2011 Core Security\nTechnologies and (c) 2011 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: [http://creativecommons.org/licenses/by-nc-sa/3.0/us/]\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\n[http://www.coresecurity.com/files/attachments/core_security_advisories.asc]. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (MingW32)\n\niEYEARECAAYFAk1HJwcACgkQyNibggitWa13VwCfVg6jVkuv3PhqmhNqZFIQO7CB\nL1YAni1ONdRqEYczbkvki9r0Y7nr9cIQ\n=9HdA\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "BID", "id": "46078" }, { "db": "VULHUB", "id": "VHN-45875" }, { "db": "PACKETSTORM", "id": "98038" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3270", "trust": 3.5 }, { "db": "BID", "id": "46078", "trust": 2.0 }, { "db": "SECTRACK", "id": "1025015", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2011-0260", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003864", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-033", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2011-0410", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20110131 [CORE-2010-1001] CISCO WEBEX .ATP AND .WRF OVERFLOW VULNERABILITIES", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16393", "trust": 
0.6 }, { "db": "VULHUB", "id": "VHN-45875", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98038", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "VULHUB", "id": "VHN-45875" }, { "db": "BID", "id": "46078" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "id": "VAR-201102-0053", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "VULHUB", "id": "VHN-45875" } ], "trust": 0.06999999999999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" } ] }, "last_update_date": "2023-12-18T12:58:25.552000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "22355", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22355" }, { "title": "Patch for Cisco WebEx ATP File Remote Stack Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/2785" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": 
[ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45875" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "NVD", "id": "CVE-2010-3270" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46078" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22355" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025015" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2011/0260" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3270" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3270" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/516095/100/0/threaded" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16393" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities]" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com]." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3270" }, { "trust": 0.1, "url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc]." }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com/" }, { "trust": 0.1, "url": "http://www.webex.com/]" }, { "trust": 0.1, "url": "http://www.coresecurity.com]." 
}, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com/index.php?module=wiki\u0026action=view\u0026type=project\u0026name=bugweek]" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/]" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html]." } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "VULHUB", "id": "VHN-45875" }, { "db": "BID", "id": "46078" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "VULHUB", "id": "VHN-45875" }, { "db": "BID", "id": "46078" }, { "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3270" }, { "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2011-0410" }, { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45875" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46078" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "date": "2011-02-01T04:52:28", "db": "PACKETSTORM", "id": "98038" }, { "date": "2011-02-02T23:00:32.127000", "db": "NVD", "id": "CVE-2010-3270" }, { "date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { 
"@container": "@list" } }, "data": [ { "date": "2011-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2011-0410" }, { "date": "2018-10-10T00:00:00", "db": "VULHUB", "id": "VHN-45875" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46078" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003864" }, { "date": "2018-10-10T20:01:32.443000", "db": "NVD", "id": "CVE-2010-3270" }, { "date": "2011-02-10T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-033" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-033" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx ATP File Remote Stack Buffer Overflow Vulnerability", "sources": [ { "db": "CNVD", "id": "CNVD-2011-0410" }, { "db": "BID", "id": "46078" } ], "trust": 0.9 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-033" } ], "trust": 0.6 } }
var-201210-0314
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and collaborate. WebEx services include web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play back the WebEx meeting recordings that participants have recorded on their computers. ----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DISCUSS ADVISORY: http://secunia.com/advisories/50905/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50905/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * T28 client builds prior to T28.4 (28.4) * T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0314", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3937" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3937", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3937", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57218", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3937", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-234", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57218", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57218" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play the WebEx meeting records recorded by participants on their computers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57218" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3937", "trust": 2.8 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "OSVDB", "id": "86142", "trust": 1.1 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005132", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-234", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-57218", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57218" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "id": "VAR-201210-0314", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-57218" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.400000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" }, { "title": "atrecply", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=45107" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57218" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "NVD", "id": "CVE-2012-3937" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86142" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3937" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3937" }, { "trust": 0.6, "url": 
"http://secunia.com/advisories/50905" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57218" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-57218" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3937" }, { "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57218" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { 
"date": "2012-10-25T14:55:03.607000", "db": "NVD", "id": "CVE-2012-3937" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57218" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005132" }, { "date": "2013-05-04T03:20:03.650000", "db": "NVD", "id": "CVE-2012-3937" }, { "date": "2012-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-234" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-234" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005132" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-234" } ], "trust": 0.6 } }
var-201206-0112
Vulnerability from variot
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755. The Cisco WebEx Recording Format (WRF) player contains a heap-based buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF Processing Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49750
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49750
RELEASE DATE: 2012-06-28
DESCRIPTION: Multiple vulnerabilities have been reported in WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
2) An error when processing the JPEG DHT chunk within a WRF file can be exploited to cause a stack-based buffer overflow.
3) An unspecified error when processing WRF files can be exploited to corrupt memory.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * Client builds 28.0.0 (T28 L10N). * Client builds 27.32.1 (T27 LD SP32 CP1) and prior. * Client builds 27.25.10 (T27 LC SP25 EP10) and prior. * Client builds 27.21.10 (T27 LB SP21 EP10) and prior. * Client builds 27.11.26 (T27 L SP11 EP26) and prior.
SOLUTION: Update to a fixed client build (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense and Microsoft Vulnerability Research (MSVR).
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0112", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.32.0" }, { "model": "webex recording format player", "scope": "gte", 
"trust": 1.0, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.21.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.11.0" }, { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.25.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "28.0.1" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.25.10 (t27 lc sp25 ep10)" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.32.1 (t27 ld sp32 cp1)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "client builds 28.0.0 (t28 l 10n)" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", 
"version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex 
(mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (ma t27 ld sp32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" 
}, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3057" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iDefense and Microsoft Vulnerability Research (MSVR)", "sources": [ { "db": "BID", "id": "54213" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ], "trust": 0.9 }, "cve": "CVE-2012-3057", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3057", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" 
}, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-56338", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3057", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201206-529", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-56338", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-56338" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755. Cisco WebEx Recording Format (WRF) player Contains a heap-based buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. 
WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF Processing Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49750\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49750/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nRELEASE DATE:\n2012-06-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49750/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49750/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in WebEx Recording Format\nPlayer, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n2) An error when processing the JPEG DHT chunk within a WRF file can\nbe exploited to cause a stack-based buffer overflow. 
\n\n3) An unspecified error when processing WRF files can be exploited to\ncorrupt memory. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* Client builds 28.0.0 (T28 L10N). \n* Client builds 27.32.1 (T27 LD SP32 CP1) and prior. \n* Client builds 27.25.10 (T27 LC SP25 EP10) and prior. \n* Client builds 27.21.10 (T27 LB SP21 EP10) and prior. \n* Client builds 27.11.26 (T27 L SP11 EP26) and prior. \n\nSOLUTION:\nUpdate to a fixed client build (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDefense and Microsoft Vulnerability Research\n(MSVR). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. 
\nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "BID", "id": "54213" }, { "db": "VULHUB", "id": "VHN-56338" }, { "db": "PACKETSTORM", "id": "114290" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3057", "trust": 2.8 }, { "db": "BID", "id": "54213", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2012-002945", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201206-529", "trust": 0.7 }, { "db": "SECUNIA", "id": "49750", "trust": 0.7 }, { "db": "CISCO", "id": "20120627 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19900", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-56338", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114290", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56338" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "id": "VAR-201206-0112", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-56338" } ], "trust": 0.7296153719999999 }, "last_update_date": 
"2023-12-18T12:10:04.684000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "title": "26210", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26210" }, { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115508_cisco-sa-20120627-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002945" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56338" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "NVD", "id": "CVE-2012-3057" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3057" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3057" }, { "trust": 0.6, "url": "http://secunia.com/advisories/49750" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/54213" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19900" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { 
"trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56338" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-56338" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3057" }, { "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-06-29T00:00:00", "db": "VULHUB", "id": "VHN-56338" }, { "date": "2012-06-27T00:00:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "date": "2012-06-28T06:12:23", "db": "PACKETSTORM", "id": "114290" }, { "date": "2012-06-29T14:55:01.173000", "db": "NVD", "id": "CVE-2012-3057" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, 
"sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-03T00:00:00", "db": "VULHUB", "id": "VHN-56338" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002945" }, { "date": "2018-12-03T13:50:39.907000", "db": "NVD", "id": "CVE-2012-3057" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-529" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-529" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format player Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002945" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-529" } ], "trust": 0.6 } }
var-201102-0309
Vulnerability from variot
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com
If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3. Customers who have contractual agreements that prevent WebEx from automatically upgrading a recording player to the latest version should contact their account manager to determine upgrade options.
To determine whether a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html
Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF and ARF file formats are used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players are applications that are used to play back and edit recording files (files with .wrf and .arf extensions). The recording players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server (for stream playback mode). The recording players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
To exploit one of these vulnerabilities, the player application would need to open a malicious WRF or ARF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page. The vulnerability cannot be triggered by users who are attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2010-3269
- CVE-2010-3041
- CVE-2010-3042
- CVE-2010-3043
- CVE-2010-3044
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3
Access Vector - Network
Access Complexity - Medium
Authentication - None
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 7.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. For customers who are running T27LC SP22, the client build will be represented as 27.22SP.0.9253. The fix for customers who are running T27LB SP21 will be deployed by WebEx over the next few weeks. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release 27.22SP.0 is fixed, release 27.22SP.1 will also have the software fix.
If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.
If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
These vulnerabilities were either found during internal testing or reported to Cisco by a variety of sources, including Core Security, TippingPoint, and Fortinet's FortiGuard Labs.
Cisco would like to thank these organizations for reporting these vulnerabilities.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
Revision 1.0 | 2011-Feb-01 | Initial public release.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E M8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS =Ur/Y -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0309", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex recording 
format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex 27lc sp22", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": 
"26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os 27lc sp22", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3043" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico MuttisTippingPoint \u003chttp://www.tippingpoint.com/\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-030" } ], "trust": 0.6 }, "cve": "CVE-2010-3043", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", 
"availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3043", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-45648", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3043", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-030", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-45648", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45648" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple buffer 
overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on the computer of\nan on-line meeting attendee. The players can be automatically\ninstalled when the user accesses a recording file that is hosted on a\nWebEx server. The player can also be manually installed for offline\nplayback after downloading the application from www.webex.com\n\nIf the WebEx recording player was automatically installed, it will be\nautomatically upgraded to the latest, non-vulnerable version when\nusers access a recording file that is hosted on a WebEx server. If\nthe WebEx recording player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nrecording players. Microsoft Windows, Apple Mac OS X, and Linux\nversions of the player are all affected. Affected versions of the\nplayers are those prior to client builds T27LC SP22 and T27LB SP21\nEP3. 
Customers who have contractual agreements that prevent WebEx\nfrom automatically upgrading a recording player to the latest version\nshould contact their account manager to determine upgrade options. \n\nTo determine whether a Cisco WebEx server is running an affected\nversion of the WebEx client build, users can log in to their Cisco\nWebEx server and go to the Support \u003e Downloads section. The version\nof the WebEx client build will be displayed on the right side of the\npage under \"About Support Center.\" See \"Software Versions and Fixes\"\nfor details. \n\nCisco recommends that users upgrade to the most current version of\nthe player that is available from www.webex.com/downloadplayer.html\n\n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF and\nARF file formats are used to store WebEx meeting recordings that have\nbeen recorded on the computer of an on-line meeting attendee. The\nplayers are applications that are used to play back and edit\nrecording files (files with .wrf and .arf extensions). The recording\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx server (for stream playback\nmode). The recording players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html\nto play back recording files locally (for offline\nplayback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF and ARF\nplayers. The vulnerabilities may lead to a crash of the player\napplication or, in some cases, remote code execution could occur. \n\nTo exploit one of these vulnerabilities, the player application would\nneed to open a malicious WRF or ARF file. 
An attacker may be able to\naccomplish this exploit by providing the malicious recording file\ndirectly to users (for example, by using e-mail) or by directing a\nuser to a malicious web page. The vulnerability cannot be triggered\nby users who are attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2010-3269\n * CVE-2010-3041\n * CVE-2010-3042\n * CVE-2010-3043\n * CVE-2010-3044\n\nVulnerability Scoring Details\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss \n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx ARF Player or WRF\nPlayer application and, in some cases, allow a remote attacker to\nexecute arbitrary code on the system with the privileges of the user\nwho is running the recording player application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult http://www.cisco.com/go/psirt\nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nThese vulnerabilities are first fixed in T27LC SP22 and T27LB SP21\nEP3. For customers who are running T27LC SP22, the client build will\nbe represented as 27.22SP.0.9253. The fix for customers who are\nrunning T27LB SP21 will be deployed by WebEx over the next few weeks. \nThe client build will be determined after the software is deployed. \n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. For example, if release 27.22SP.0 is fixed,\nrelease 27.22SP.1 will also have the software fix. 
\n\nIf a recording player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx server. \n\nIf a WebEx recording player was manually installed, users will need\nto manually install a new version of the player after downloading the\nlatest version from www.webex.com/downloadplayer.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. \n\nThese vulnerabilities were either found during internal testing or\nreported to Cisco by a variety of sources, including Core Security,\nTippingPoint, and Fortinet\u0027s FortiGuard Labs. \n\nCisco would like to thank these organizations for reporting these\nvulnerabilities. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at :\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-01 | public |\n| | | release. 
|\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at \nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\n\niF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E\nM8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS\n=Ur/Y\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "BID", "id": "46075" }, { "db": "VULHUB", "id": "VHN-45648" }, { "db": "PACKETSTORM", "id": "98073" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3043", "trust": 2.9 }, { "db": "BID", "id": "46075", "trust": 2.0 }, { "db": "SECTRACK", "id": "1025016", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003859", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-030", "trust": 0.7 }, { "db": "CISCO", "id": "20110201 MULTIPLE CISCO WEBEX PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "XF", "id": "65074", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16391", "trust": 0.6 }, { "db": "VULHUB", "id": 
"VHN-45648", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98073", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45648" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "id": "VAR-201102-0309", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-45648" } ], "trust": 0.7453525499999999 }, "last_update_date": "2023-12-18T12:58:25.445000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1103/1103539_cisco-sa-20110201-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003859" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45648" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "NVD", "id": "CVE-2010-3043" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46075" }, { 
"trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22016" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025016" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3043" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3043" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/65074" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16391" }, { "trust": 0.4, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml" }, { "trust": 0.3, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3043" }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3041" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3042" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." 
}, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45648" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-45648" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3043" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45648" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "date": "2011-02-02T02:55:23", "db": "PACKETSTORM", "id": "98073" }, { "date": "2011-02-02T23:00:31.223000", "db": "NVD", "id": "CVE-2010-3043" }, { "date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-030" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-45648" }, { "date": "2011-02-01T16:20:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003859" }, { "date": "2017-08-17T01:32:54.167000", "db": "NVD", "id": "CVE-2010-3043" }, { "date": "2011-02-10T00:00:00", "db": "CNNVD", "id": 
"CNNVD-201102-030" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98073" }, { "db": "CNNVD", "id": "CNNVD-201102-030" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WRF and ARF Player T27LB Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003859" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-030" } ], "trust": 0.6 } }
var-200912-0443
Vulnerability from variot
Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879. atas32.dll in the Cisco WebEx WRF Player contains a heap-based buffer overflow vulnerability. This is a different vulnerability from CVE-2009-2876 and CVE-2009-2879. A third party could cause a denial of service (DoS) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with administrative privileges. [Note: the Cisco advisory reproduced below describes the impact as code execution with the privileges of the user running the WRF Player application.] Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2876 and CVE-2009-2879. ----------------------------------------------------------------------
ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
About: This Advisory was delivered by Secunia as a free service to help everybody keep their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Cisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities
Advisory ID: cisco-sa-20091216-webex
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
Revision 1.0
For Public Release 2009 December 16 1600 UTC (GMT)
Summary
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player.
The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server. If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx WRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are affected. Affected versions of the WRF Player are those prior to the "first fixed" versions, which are shown in the section "Software Versions and Fixes" of this advisory.
To check if a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support -> Downloads section. The version of the WebEx client build will be displayed on the right-hand side of the page under "About Support Center", for example "Client build: 27.11.0.3328".
There is no way to check if a manually installed version of the WRF Player is affected by these vulnerabilities. Therefore, Cisco recommends that users upgrade to the most current version of the player that is available from http://www.webex.com/downloadplayer.html.
Products Confirmed Not Vulnerable
The Cisco WebEx Player for the WebEx Advanced Recording Format (ARF) file format is not affected by these vulnerabilities.
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed by and maintained by Cisco WebEx. The WebEx Recording Format (WRF) is a file format that is used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player is an application that is used to play back and edit WRF files (files with .wrf extensions). The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server (stream playback mode). The WRF Player can also be manually installed after downloading the application from www.webex.com to play back WRF files locally (offline playback mode). The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2009-2875
- CVE-2009-2876
- CVE-2009-2877
- CVE-2009-2878
- CVE-2009-2879
- CVE-2009-2880
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all vulnerabilities in this advisory)
CVSS Base Score - 9.3
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - Complete
    Availability Impact - Complete

CVSS Temporal Score - 7.7
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx WRF Player application, and in some cases, allow a remote attacker to execute arbitrary code on the targeted system with the privileges of the user running the WRF Player application.
Software Versions and Fixes
The table below contains "First Fixed" information for the Cisco WebEx WRF Player that is automatically downloaded from a WebEx site when a WRF hosted on a WebEx site is accessed (stream playback mode). Fixes are cumulative within a major release so for example, if release 27.10.1 is fixed, then release 27.10.2 will have the fix too.
+------------------------------------------------------------+
| Platform  | Major Release 26.x  | Major Release 27.x       |
|-----------+---------------------+--------------------------|
| Microsoft | 26.49.32; available | 27.10.x; available now   |
| Windows   | now except lockdown | for non-PSO and          |
|           | sites               | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Mac OS X  | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
|-----------+---------------------+--------------------------|
|           | 26.49.35; available | 27.11.8; available now   |
| Linux     | early February 2010 | for non-PSO and          |
|           |                     | non-lockdown sites       |
+------------------------------------------------------------+
PSO and lockdown sites running 27.x will receive the fixes for these vulnerabilities during the next emergency patching (EP) cycle. This advisory will be updated to indicate a specific timeline once one is available.
If the WRF Player was automatically installed, the WebEx WRF Player will be automatically upgraded to the latest, non-vulnerable version when users access a WRF file hosted on a WebEx server.
If the WebEx WRF Player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com.
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml.
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers that need additional information can contact WebEx Global Support Services and Technical Support. WebEx Global Support Services and Technical Support can be reached through the WebEx support site at http://support.webex.com/support/support-overview.html or by phone at +1-866-229-3239 or +1-408-435-7088.
Customers outside of the United States can reference the following link for local support numbers:
http://support.webex.com/support/phone-numbers.html
Exploitation and Public Announcements
The Cisco PSIRT is not aware of malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were discovered and reported to Cisco by Xiaopeng Zhang and Zhenhua Liu of Fortinet's FortiGuard Labs. The FortiGuard Labs advisory is available at http://www.fortiguard.com. Cisco would like to thank FortiGuard Labs for reporting these vulnerabilities to us and for working with us on a coordinated disclosure.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+------------------------------------------------------------+
| Revision 1.0 | 2009-December-16 | Initial public release   |
+------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
+--------------------------------------------------------------------
Copyright 2008-2009 Cisco Systems, Inc. All rights reserved.
+--------------------------------------------------------------------

Updated: Dec 16, 2009 Document ID: 110946
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs
IDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh
=KaHv
-----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-200912-0443", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 2.2, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player 
(linux) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (linux) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 26.49.35" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (mac os x) 27.11.8" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 26.49.32" }, { "model": "webex", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "wrf player (windows) 27.10.x" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2009-2878" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xiaopeng ZhangZhenhua Liu\u203b zhliu@fortinet.com", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-261" } ], "trust": 0.6 }, "cve": "CVE-2009-2878", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, 
"severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2009-2878", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-40324", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2009-2878", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-200912-261", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-40324", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-40324" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote 
attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879. Cisco WebEx WRF Player of atas32.dll Contains a heap-based buffer overflow vulnerability. This vulnerability CVE-2009-2876 and CVE-2009-2879 Is a different vulnerability.Skillfully crafted by a third party WebEx Recording Format (WRF) Service disruption via file (DoS) Could be put into a state or execute arbitrary code. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with administrative privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. This vulnerability is different from CVE-2009-2876 and CVE-2009-2879. ----------------------------------------------------------------------\n\nDo you have VARM strategy implemented?\n\n(Vulnerability Assessment Remediation Management) \n\nIf not, then implement it through the most reliable vulnerability\nintelligence source on the market. \n\nImplement it through Secunia. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. 
\nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCisco Security Advisory: Multiple Cisco WebEx WRF Player Vulnerabilities\n\nAdvisory ID: cisco-sa-20091216-webex\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nRevision 1.0\n\nFor Public Release 2009 December 16 1600 UTC (GMT)\n\nSummary\n=======\n\nMultiple buffer overflow vulnerabilities exist in the Cisco WebEx\nRecording Format (WRF) Player. \n\nThe Cisco WebEx WRF Player is an application that is used to play back\nWebEx meeting recordings that have been recorded on the computer of an\non-line meeting attendee. The WRF Player can be automatically installed\nwhen the user accesses a WRF file that is hosted on a WebEx server. The\nWRF Player can also be manually installed for offline playback after\ndownloading the application from www.webex.com. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player\nwill be automatically upgraded to the latest, non-vulnerable version\nwhen users access a WRF file hosted on a WebEx server. If the WebEx\nWRF Player was manually installed, users will need to manually install\na new version of the player after downloading the latest version from\nwww.webex.com. \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n- -------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nWRF Player. Microsoft Windows, Apple Mac OS X, and Linux versions of the\nplayer are affected. Affected versions of the WRF Player are those prior\nto the \"first fixed\" versions, which are shown in the section \"Software\nVersions and Fixes\" of this advisory. 
\n\nTo check if a Cisco WebEx server is running an affected version of the\nWebEx client build, users can log in to their Cisco WebEx server and go\nto the Support -\u003e Downloads section. The version of the WebEx client\nbuild will be displayed on the right-hand side of the page under \"About\nSupport Center\", for example \"Client build: 27.11.0.3328\". \n\nThere is no way to check if a manually installed version of the WRF\nPlayer is affected by these vulnerabilities. Therefore, Cisco recommends\nthat users upgrade to the most current version of the player that is\navailable from http://www.webex.com/downloadplayer.html. \n\nProducts Confirmed Not Vulnerable\n- ---------------------------------\n\nThe Cisco WebEx Player for the WebEx Advanced Recording Format (ARF)\nfile format is not affected by these vulnerabilities. \n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing solution\nthat is managed by and maintained by Cisco WebEx. The WebEx Recording\nFormat (WRF) is a file format that is used to store WebEx meeting\nrecordings that have been recorded on the computer of an on-line meeting\nattendee. The WRF Player is an application that is used to play back\nand edit WRF files (files with .wrf extensions). The WRF Player can be\nautomatically installed when the user accesses a WRF file that is hosted\non a WebEx server (stream playback mode). The WRF Player can also be\nmanually installed after downloading the application from www.webex.com\nto play back WRF files locally (offline playback mode). The\nvulnerabilities may lead to a crash of the WRF Player application, or in\nsome cases, lead to remote code execution. \n\nTo exploit a vulnerability, a malicious WRF file would need to be opened\nby the WRF Player application. 
An attacker may be able to accomplish\nthis by providing the malicious WRF file directly to users (for example,\nvia e-mail), or by convincing users to visit a malicious website. The\nvulnerability cannot be triggered by users attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2009-2875\n * CVE-2009-2876\n * CVE-2009-2877\n * CVE-2009-2878\n * CVE-2009-2879\n * CVE-2009-2880\n\nVulnerability Scoring Details\n=============================\n\nCisco has provided scores for the vulnerabilities in this advisory based\non the Common Vulnerability Scoring System (CVSS). The CVSS scoring in\nthis Security Advisory is done in accordance with CVSS version 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of the\nvulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding CVSS\nat:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities (all\nvulnerabilities in this advisory)\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx WRF Player\napplication, and in some cases, allow a remote attacker to execute\narbitrary code on the targeted system with the privileges of the user\nrunning the WRF Player application. \n\nSoftware Versions and Fixes\n===========================\n\nThe table below contains \"First Fixed\" information for the Cisco WebEx\nWRF Player that is automatically downloaded from a WebEx site when a WRF\nhosted on a WebEx site is accessed (stream playback mode). Fixes are\ncumulative within a major release so for example, if release 27.10.1 is\nfixed, then release 27.10.2 will have the fix too. 
\n\n+------------------------------------------------------------+\n| Platform | Major Release 26.x | Major Release 27.x |\n|-----------+---------------------+--------------------------|\n| Microsoft | 26.49.32; available | 27.10.x; available now |\n| Windows | now except lockdown | for non-PSO and |\n| | sites | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Mac OS X | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n|-----------+---------------------+--------------------------|\n| | 26.49.35; available | 27.11.8; available now |\n| Linux | early February 2010 | for non-PSO and |\n| | | non-lockdown sites |\n+------------------------------------------------------------+\n\nPSO and lockdown sites running 27.x will receive the fixes for these\nvulnerabilities during the next emergency patching (EP) cycle. This\nadvisory will be updated to indicate a specific timeline once one is\navailable. \n\nIf the WRF Player was automatically installed, the WebEx WRF Player will\nbe automatically upgraded to the latest, non-vulnerable version when\nusers access a WRF file hosted on a WebEx server. \n\nIf the WebEx WRF Player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com. \n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should consult\ntheir maintenance provider or check the software for feature set\ncompatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature\nsets they have purchased. 
By installing, downloading, accessing\nor otherwise using such software upgrades, customers agree to be\nbound by the terms of Cisco\u0027s software license terms found at\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml. \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for software\nupgrades. \n\nCustomers that need additional information can contact WebEx Global\nSupport Services and Technical Support. WebEx Global Support Services\nand Technical Support can be reached through the WebEx support site at\nhttp://support.webex.com/support/support-overview.html or by phone at\n+1-866-229-3239 or +1-408-435-7088. \n\nCustomers outside of the United States can reference the following link\nfor local support numbers:\n\nhttp://support.webex.com/support/phone-numbers.html\n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of malicious use of the vulnerabilities\ndescribed in this advisory. \n\nThese vulnerabilities were discovered and reported to Cisco by Xiaopeng\nZhang and Zhenhua Liu of Fortinet\u0027s FortiGuard Labs. The FortiGuard Labs\nadvisory is available at http://www.fortiguard.com. Cisco would like to\nthank FortiGuard Labs for reporting these vulnerabilities to us and for\nworking with us on a coordinated disclosure. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY\nANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. 
\n\nA stand-alone copy or Paraphrase of the text of this document that omits\nthe distribution URL in the following section is an uncontrolled copy,\nand may lack important information or contain factual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice is\nclear-signed with the Cisco PSIRT PGP key and is posted to the following\ne-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on mailing\nlists or newsgroups. Users concerned about this problem are encouraged\nto check the above URL for any updates. \n\nRevision History\n================\n\n+------------------------------------------------------------+\n| Revision 1.0 | 2009-December-16 | Initial public release |\n+------------------------------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in\nCisco products, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security\nnotices. All Cisco security advisories are available at\nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2008-2009 Cisco Systems, Inc. 
All rights reserved. \n+--------------------------------------------------------------------\n\nUpdated: Dec 16, 2009 Document ID: 110946\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niEYEARECAAYFAkspCQMACgkQ86n/Gc8U/uCn+QCeLaUWmiHsetXDoJsynUbgsmHs\nIDgAnRhmTkrcs2NhAQ7Dq8+eJqofkHSh\n=KaHv\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "BID", "id": "37352" }, { "db": "VULHUB", "id": "VHN-40324" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2009-2878", "trust": 2.9 }, { "db": "BID", "id": "37352", "trust": 2.8 }, { "db": "SECUNIA", "id": "37810", "trust": 2.6 }, { "db": "OSVDB", "id": "61128", "trust": 2.5 }, { "db": "SECTRACK", "id": "1023360", "trust": 2.5 }, { "db": "VUPEN", "id": "ADV-2009-3574", "trust": 1.7 }, { "db": "XF", "id": "54991", "trust": 0.8 }, { "db": "JVNDB", "id": "JVNDB-2009-002685", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-200912-261", "trust": 0.7 }, { "db": "XF", "id": "54841", "trust": 0.6 }, { "db": "CISCO", "id": "20091216 MULTIPLE CISCO WEBEX WRF PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-40324", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "84023", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "83934", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40324" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "id": "VAR-200912-0443", "iot": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-40324" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T12:22:44.316000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20091216-webex", "trust": 0.8, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "title": "22661", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22662", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22663", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "22799", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "23040", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "title": "19499", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "title": "22660", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002685" } ] }, "problemtype_data": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-40324" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "NVD", "id": "CVE-2009-2878" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://www.securityfocus.com/bid/37352" }, { "trust": 2.5, "url": "http://securitytracker.com/id?1023360" }, { "trust": 2.5, "url": "http://secunia.com/advisories/37810" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b0a577.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19499" }, { "trust": 1.7, "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2009-48.html" }, { "trust": 1.7, "url": "http://www.osvdb.org/61128" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.6, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026signaturesubid=0\u0026softwareversion=6.0\u0026releaseversion=s456" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2878" }, { "trust": 0.8, "url": "http://xforce.iss.net/xforce/xfdb/54991" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-2878" }, { "trust": 0.8, "url": "http://osvdb.org/61128" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/54841" }, { "trust": 0.5, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "/archive/1/508512" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22660\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22661\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22662\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22663\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": 
"http://tools.cisco.com/security/center/viewipssignature.x?signatureid=22799\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/viewipssignature.x?signatureid=23040\u0026amp;signaturesubid=0\u0026amp;softwareversion=6.0\u0026amp;releaseversion=s456" }, { "trust": 0.1, "url": "http://secunia.com/advisories/37810/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/business_solutions/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2878" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2880" }, { "trust": 0.1, "url": "http://support.webex.com/support/phone-numbers.html" }, { "trust": 0.1, "url": "http://www.fortiguard.com." }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20091216-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2876" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2875" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2877" }, { "trust": 0.1, "url": "https://www.webex.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-2879" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml." 
}, { "trust": 0.1, "url": "http://support.webex.com/support/support-overview.html" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-40324" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-40324" }, { "db": "BID", "id": "37352" }, { "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "db": "PACKETSTORM", "id": "84023" }, { "db": "PACKETSTORM", "id": "83934" }, { "db": "NVD", "id": "CVE-2009-2878" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2009-12-18T00:00:00", "db": "VULHUB", "id": "VHN-40324" }, { "date": "2009-12-16T00:00:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002685" }, { "date": "2009-12-17T17:43:52", "db": "PACKETSTORM", "id": "84023" }, { "date": "2009-12-16T23:33:50", "db": "PACKETSTORM", "id": "83934" }, { "date": "2009-12-18T19:30:00.420000", "db": "NVD", "id": "CVE-2009-2878" }, { "date": "2009-12-18T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-40324" }, { "date": "2009-12-23T18:53:00", "db": "BID", "id": "37352" }, { "date": "2011-06-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2009-002685" 
}, { "date": "2017-08-17T01:30:56.617000", "db": "NVD", "id": "CVE-2009-2878" }, { "date": "2009-12-21T00:00:00", "db": "CNNVD", "id": "CNNVD-200912-261" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "83934" }, { "db": "CNNVD", "id": "CNNVD-200912-261" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx WRF Player of atas32.dll Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2009-002685" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-200912-261" } ], "trust": 0.6 } }
var-201307-0210
Vulnerability from variot
The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965. WebEx is prone to a remote security vulnerability. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). There is a security vulnerability in the Meeting Center component of Cisco WebEx version 11.0. Attackers can use these error messages to enumerate files through a series of SPI calls.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201307-0210", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "11.0" }, { "model": "webex", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "11" } ], "sources": [ { "db": "BID", "id": "78023" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { 
"db": "NVD", "id": "CVE-2013-3425" }, { "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex:11.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2013-3425" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "78023" } ], "trust": 0.3 }, "cve": "CVE-2013-3425", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, 
"userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "Single", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2013-3425", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.0, "id": "VHN-63427", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:S/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2013-3425", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201307-664", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-63427", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-63427" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "NVD", "id": "CVE-2013-3425" }, { "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965. WebEx is prone to a remote security vulnerability. 
Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). There is a security vulnerability in the Meeting Center component of Cisco WebEx version 11.0. Attackers can use these error messages through a series of SPI Call enumeration file", "sources": [ { "db": "NVD", "id": "CVE-2013-3425" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "BID", "id": "78023" }, { "db": "VULHUB", "id": "VHN-63427" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2013-3425", "trust": 2.8 }, { "db": "OSVDB", "id": "95876", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2013-003580", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201307-664", "trust": 0.7 }, { "db": "CISCO", "id": "20130730 CISCO WEBEX INFORMATION DISCLOSURE THROUGH INCONSISTENT ERROR MESSAGES VULNERABILITY", "trust": 0.6 }, { "db": "BID", "id": "78023", "trust": 0.4 }, { "db": "XF", "id": "86150", "trust": 0.3 }, { "db": "VULHUB", "id": "VHN-63427", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-63427" }, { "db": "BID", "id": "78023" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "NVD", "id": "CVE-2013-3425" }, { "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "id": "VAR-201307-0210", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-63427" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T13:03:44.730000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Cisco WebEx Information Disclosure through Inconsistent Error Messages Vulnerability", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3425" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-003580" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-264", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-63427" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "NVD", "id": "CVE-2013-3425" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "http://tools.cisco.com/security/center/content/ciscosecuritynotice/cve-2013-3425" }, { "trust": 1.1, "url": "http://osvdb.org/95876" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3425" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3425" }, { "trust": 0.3, "url": "http://xforce.iss.net/xforce/xfdb/86150" } ], "sources": [ { "db": "VULHUB", "id": "VHN-63427" }, { "db": "BID", "id": "78023" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "NVD", "id": "CVE-2013-3425" }, { "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-63427" }, { "db": "BID", "id": 
"78023" }, { "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "db": "NVD", "id": "CVE-2013-3425" }, { "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-07-31T00:00:00", "db": "VULHUB", "id": "VHN-63427" }, { "date": "2013-07-31T00:00:00", "db": "BID", "id": "78023" }, { "date": "2013-08-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "date": "2013-07-31T13:20:18.877000", "db": "NVD", "id": "CVE-2013-3425" }, { "date": "2013-07-31T00:00:00", "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-29T00:00:00", "db": "VULHUB", "id": "VHN-63427" }, { "date": "2013-07-31T00:00:00", "db": "BID", "id": "78023" }, { "date": "2013-08-01T00:00:00", "db": "JVNDB", "id": "JVNDB-2013-003580" }, { "date": "2017-08-29T01:33:23.183000", "db": "NVD", "id": "CVE-2013-3425" }, { "date": "2013-08-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201307-664" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201307-664" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx of Meeting Center Component enumerated file vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2013-003580" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": 
"permissions and access control", "sources": [ { "db": "CNNVD", "id": "CNNVD-201307-664" } ], "trust": 0.6 } }
var-201810-0629
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0629", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.9, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.20" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" 
}, { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": 
true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.20", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15412" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" } ], "trust": 0.7 }, "cve": "CVE-2018-15412", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15412", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-15412", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": 
"AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125669", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15412", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15412", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15412", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-203", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125669", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "VULHUB", "id": "VHN-125669" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125669" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15412", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010556", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6316", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1124", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-203", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125669", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "VULHUB", "id": "VHN-125669" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "id": "VAR-201810-0629", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125669" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.547000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85417" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125669" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "NVD", "id": "CVE-2018-15412" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15412" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15412" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "VULHUB", "id": "VHN-125669" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1124" }, { "db": "VULHUB", "id": "VHN-125669" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "db": "NVD", "id": "CVE-2018-15412" }, { "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1124" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125669" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "date": "2018-10-05T14:29:09.733000", "db": "NVD", "id": "CVE-2018-15412" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1124" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125669" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010556" }, { "date": "2019-10-09T23:35:33.890000", "db": "NVD", "id": "CVE-2018-15412" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-203" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-203" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010556" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-203" } ], "trust": 0.6 } }
var-201102-0052
Vulnerability from variot
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism. Cisco WebEx is a web conferencing solution. Cisco WebEx provides record format files for storing WebEx meeting notes, and WRF Player is an application for playing back and editing WRF files (files end with a .wrf extension). This vulnerability can be triggered by publishing a .wrf video file in a conference room:
.text:6070C272 loc_6070C272: ; CODE XREF: sub_6070C050+255j
.text:6070C272 test esi, esi
.text:6070C274 jnz short loc_6070C28F
.text:6070C276 push ebx
.text:6070C277 call dword ptr [ebp+0Ch] ; call to function pointer on the stack
.text:6070C27A add esp, 4
.text:6070C27D test al, al
.text:6070C27F jz loc_6070C374
.text:6070C285 mov edi, [ebp+0]
.text:6070C288 mov esi, [ebp+4]
.text:6070C28B mov eax, [esp+0D98h+var_D80]
.text:6070C28F
.text:6070C28F loc_6070C28F: ; CODE XREF: sub_6070C050+224j
.text:6070C28F mov cl, [edi] ; cl can be controlled, it is read from the malicious .wrf file
.text:6070C291 dec esi
.text:6070C292 mov [esp+eax+0D98h+var_C8C], cl ; this mov overflows the stack with user controlled values
.text:6070C299 mov ecx, [esp+0D98h+var_D84]
.text:6070C29D inc edi
.text:6070C29E inc eax
.text:6070C29F cmp eax, ecx
.text:6070C2A1 mov [esp+0D98h+var_D80], eax
.text:6070C2A5 jl short loc_6070C272
Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com
If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3. Customers who have contractual agreements that prevent WebEx from automatically upgrading a recording player to the latest version should contact their account manager to determine upgrade options.
To determine whether a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF and ARF file formats are used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The recording players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server (for stream playback mode). The recording players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
To exploit one of these vulnerabilities, the player application would need to open a malicious WRF or ARF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2010-3269
- CVE-2010-3041
- CVE-2010-3042
- CVE-2010-3043
- CVE-2010-3044
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3
Access Vector - Network
Access Complexity - Medium
Authentication - None
Confidentiality Impact - Complete
Integrity Impact - Complete
Availability Impact - Complete
CVSS Temporal Score - 7.7
Exploitability - Functional
Remediation Level - Official-Fix
Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release 27.22SP.0 is fixed, release 27.22SP.1 will also have the software fix.
If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.
If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
Cisco would like to thank these organizations for reporting these vulnerabilities.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
Revision 1.0 | 2011-Feb-01 | Initial public release.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices.
+--------------------------------------------------------------------
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Core Security Technologies - Corelabs Advisory
http://corelabs.coresecurity.com/
Cisco WebEx .atp and .wrf Overflow Vulnerabilities
- Advisory Information
Title: Cisco WebEx .atp and .wrf Overflow Vulnerabilities
Advisory ID: CORE-2010-1001
Advisory URL: [http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities]
Date published: 2011-01-31
Date of last update: 2011-01-31
Vendors contacted: Cisco
Release mode: Coordinated release
- Vulnerability Information
Class: Stack-based Buffer Overflow [CWE-121], Stack-based Buffer Overflow [CWE-121]
Impact: Code execution
Remotely Exploitable: Yes (client-side)
Locally Exploitable: No
CVE Name: CVE-2010-3269, CVE-2010-3270
Bugtraq ID: N/A
- Vulnerability Description
There are stack overflows on WebEx [1] that can be exploited by sending maliciously crafted .atp and .wrf files to a vulnerable WebEx user. When opened, these files trigger a reliably exploitable stack based buffer overflow. In the .atp case an exception handler can be overwritten on the stack, and most registers can be trivially overwritten.
- Vulnerable packages
. Contact Cisco for a list of vulnerable versions.
- Non-vulnerable packages
. Contact Cisco.
- Vendor Information, Solutions and Workarounds
All clients of WebEx Meeting Center should now be running a patched version according to Cisco. A non-vulnerable version of WebEx Player should be available at [http://www.webex.com/downloadplayer.html].
- Credits
These vulnerabilities were discovered and researched by Federico Muttis, Sebastian Tello and Manuel Muradas from Core Security Technologies during Bugweek 2010 as part of the "Cisco Baby Cisco!" team [2]. The publication of this advisory was coordinated by Pedro Varangot.
- Technical Description
8.1. WebEx Player .wrf Buffer Overflow [CVE-2010-3269]
WebEx Player can be used to play back recordings of WebEx sessions. These recordings can be stored using the .wrf closed and undocumented file format. This vulnerability can also be exploited by publishing a .wrf video file in a meeting, resulting in the compromise of the meeting's participants.
8.2. WebEx Meeting Center .atp Buffer Overflow [CVE-2010-3270]
WebEx Meeting Center allows polls to be conducted between all participants of a WebEx session. By serving a specially crafted .atp file (used for conducting polls) the meeting host can then abruptly disconnect from the server, and when another client becomes host and tries to share the .atp file with the other clients arbitrary code execution is possible on his workstation. If his connection to the server is then severed by a malicious payload, the .atp file will be cycled to the next connected client. We developed trivial examples that take control of EIP using arbitrary characters.
- Report Timeline
. 2010-10-04: Core Security Technologies contacts Cisco PSIRT using their provided PGP key notifying them of the vulnerabilities and sending an advisory draft, a proof of concept for the WebEx Player vulnerability, and a proof of concept for the Meeting Center vulnerability including details of how to reproduce both vulnerabilities, and details about the behaviour of the PoC for the Player vulnerability on Windows XP SP2 (which overwrites EIP with 0x41414141 on that platform). October 18th 2010 (a two weeks timeframe) is set as a potential release date for the advisory.
. 2010-10-05: Cisco PSIRT contacts Core stating that their development team is out of the office till Friday October 8th. November 15th 2010 is mentioned as an estimated release date for a fix.
. 2010-10-05: Core replies to Cisco PSIRT postponing the release date of this advisory for one week, to Monday October 25th, in order to contemplate the fact that Cisco's development team is away from office for the week. Further changes to the release date will be made after receiving technical feedback. November the 15th is mentioned to be a possible date to settle on.
. 2010-10-11: Cisco PSIRT replies acknowledging "an exception in WebEx player" but that doesn't overwrite EIP as Core Security Technologies indicated. Cisco notifies that they were not able to reproduce the crash in WebEx Meeting Center. Cisco PSIRT also asks for more detailed information about the version of WebEx Player used.
. 2010-10-12: Core sends the requested information, also attaching new proof of concept exploits for the WebEx Player vulnerability (that now executes code and launches "calc.exe"), and further details about the steps needed to reproduce the WebEx Meeting Center crash. Details about the system where the proof of concept for the WebEx Player vulnerability was run are asked.
Details about the "exception" are also asked, specially noting that if other registers are overwritten this should be considered as a vulnerability that would possibly lead to reliable code execution even if EIP was not modified (as noted by Core on the e-mail where the PoC was attached). No reply is received to this e-mail.
. 2010-10-19: Core resends the previous e-mail asking for news about reproduction of the vulnerability on Cisco's side and asking if there was any problem in the reception or interpretation of the last communication. No reply is received to this e-mail.
. 2010-10-28: Core Security Technologies resends the last e-mail, unilaterally rescheduling the publication of this advisory to November 8th 2010, which is closer to Cisco's initial estimation for the release of a fix. Core states its willingness to reschedule this publication date but only under firm commitment from Cisco to working seriously towards fixing this issue in a scheduled timeframe. An updated advisory draft is attached which includes an updated timeline.
. 2010-10-30: Cisco PSIRT replies acknowledging the vulnerability, stating that they were able to reproduce code execution results in the currently released version of WebEx, and a crash in their current development version. Cisco also states that there is not information yet from their development team about when a fix for this vulnerability will be released.
. 2010-11-09: Core replies offering more technical details about exploitation if they are needed, and reminding Cisco that the crash in their development version may also be exploitable even if the current proof of concept exploit only crashes it. The publication date for this advisory is rescheduled to November 22nd 2010. Core states that they will like to schedule a firm date for the release of information about this vulnerability to the public and hence would like to get more information from Cisco about the schedule for the release of a fix.
. 2010-11-15: Cisco states that fixed code will be deployed in mid-December, but since WebEx Meeting Center runs on a SaaS environment it takes about four or five weeks for all clients to be running the latest version of the code.
. 2010-12-06: Cisco contacts Core since no reply was received in the past two weeks, and clarifies that a fix will be deployed on December 15th and should be done on January 11th 2011.
. 2010-12-06: Core states that they believe this advisory should be released as soon as the fix is deployed, since diffing the WebEx binary on the client side gives full details about the WebEx Meeting Center vulnerability to an average skilled reverse engineer. Core schedules the publication of this advisory to December 15th 2010.
. 2010-12-07: Cisco contacts Core stating that releasing details about this vulnerability would endanger customers, since there is no action they can take to protect themselves because the responsibility of upgrading the code run by the customer falls on Cisco. Cisco mentions that "many of these customers are probably shared between Cisco and Core Security".
. 2010-12-10: Cisco contacts Core stating that they have just discovered the WebEx Meeting Center Vulnerability affects a new set of customers that were not accounted for originally. These are customers running T27SP21 that can not be upgraded to SP22. An emergency patch will be released for SP21 in January 2011, and this sets back the date when all clients should be running an updated version to the "end of January, beginning of February."
. 2010-12-14: Core proposes to split this advisory into two different advisories to better accommodate the WebEx Meeting Center SaaS release cycle. On one advisory, the .wrf client side vulnerability would be described, and the other would be dedicated to the WebEx Meeting Center vulnerability that may compromise a meeting's host computer. Core believes this mitigates the risk in a more effective way, since clients can update WebEx Player by themselves on December 15th (the date when Cisco stated the fixed version would be released) and no details of the Meeting Center vulnerability would be released until all clients are running an updated version.
. 2010-12-15: Cisco states they wouldn't like the advisory to be split, and that they prefer Core Security Technologies to go ahead and release information about both vulnerabilities.
. 2010-12-15: Core states that they prefer to release two advisories because these are two different bugs, in two pieces of software, each one of them with a differently working update channel determined by the vendor. Core also informs Cisco that the download link for WebEx Player points to a vulnerable version as of today, and asks Cisco to clarify what date they meant as mid-December, since Core would like to know when a fixed version of WebEx Player will be available for download to be able to publish the WebEx Player vulnerability.
. 2010-12-16: Cisco replies saying that releasing two advisories seems like a good plan to them. Cisco also states that since many of their customers observe a lockdown policy during the holidays season, they take a "don't upgrade" policy of their own until Monday January 10th, 2011. That is the reason why the download link of WebEx Player has not been changed yet.
2011-01-10: Core states that they are ready to release this advisory on January 11th, and that releasing two separate advisories seems pointless now because the release date of both would be very similar, and the original idea was to mitigate the risk posed by the .wrf vulnerability. Core also states that they are reviewing the best course of action to take with the issue regarding clients running the old version of WebEx (T27SP21) that according to Cisco are unable to upgrade to SP22 since this was not accounted for previously. 2011-01-13: Core states that since they have committed previously to release the advisory taking into account Cisco's consideration about their SaaS patch deploy model, when factoring the issue of clients running the SP21 version of Meeting Center scheduled by Cisco for emergency update on January, a release date of January the 31st seems reasonable. This date should be taken as final and Core Security Technologies believes it takes into account all information given by Cisco about SaaS updating timeframes. If this is not the case Cisco is asked to rectify ASAP. 2011-01-14: Cisco confirms that the timeframe (publishing both vulnerabilities on January 31st) works for them. 2011-01-31: The advisory CORE-2010-1001 is published.
- References
[1] [http://www.webex.com/] [2] [http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=project&name=Bugweek]
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: [http://corelabs.coresecurity.com].
- About Core Security Technologies
Core Security Technologies develops strategic solutions that help security-conscious organizations worldwide develop and maintain a proactive process for securing their networks. The company's flagship product, CORE IMPACT, is the most comprehensive product for performing enterprise security assurance testing. CORE IMPACT evaluates network, endpoint and end-user vulnerabilities and identifies what resources are exposed. It enables organizations to determine if current security investments are detecting and preventing attacks. Core Security Technologies augments its leading technology solution with world-class security consulting services, including penetration testing and software security auditing. Based in Boston, MA and Buenos Aires, Argentina, Core Security Technologies can be reached at 617-399-6980 or on the Web at [http://www.coresecurity.com].
- Disclaimer
The contents of this advisory are copyright (c) 2011 Core Security Technologies and (c) 2011 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: [http://creativecommons.org/licenses/by-nc-sa/3.0/us/]
- PGP/GPG Keys
This advisory has been signed with the GPG key of Core Security Technologies advisories team, which is available for download at [http://www.coresecurity.com/files/attachments/core_security_advisories.asc].
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32)
iEYEARECAAYFAk1HJwcACgkQyNibggitWa13VwCfVg6jVkuv3PhqmhNqZFIQO7CB L1YAni1ONdRqEYczbkvki9r0Y7nr9cIQ =9HdA -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0052", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex recording 
format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex 27lc sp22", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" 
}, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os 27lc sp22", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*", 
"cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3269" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico MuttisTippingPoint \u003chttp://www.tippingpoint.com/\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-032" } ], "trust": 0.6 }, "cve": "CVE-2010-3269", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3269", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-45874", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3269", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-032", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-45874", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45874" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism. Cisco WebEx is a web conferencing solution. Cisco WebEx provides record format files for storing WebEX meeting notes, and WRF Player is an application for playing back and editing WRF files (files end with a .wrf extension). This vulnerability can be triggered by publishing a .wrf video file in a conference room: .text:6070C272 loc_6070C272: ; CODE XREF: sub_6070C050+255j.text:6070C272 test esi, esi.text:6070C274 jnz short loc_6070C28F.text:6070C276 push ebx.text :6070C277 call dword ptr [ebp+0Ch] ; call to function pointer on the stack.text:6070C27A add esp, 4.text:6070C27D test al, al.text:6070C27F jz loc_6070C374.text:6070C285 mov edi, [ebp+ 0].text:6070C288 mov esi, [ebp+4].text:6070C28B mov eax, [esp+0D98h+var_D80].text:6070C28F.text:6070C28F loc_6070C28F: ; CODE XREF: sub_6070C050+224j.text:6070C28F mov Cl, [edi] ; cl can be controlled, it is read from the malicious .wrf file.text:6070C291 dec esi.text:6070C292 mov [esp+eax+0D 98h+var_C8C], cl ; this mov overflows the stack with user controlled values.text:6070C299 mov ecx, [esp+0D98h+var_D84].text:6070C29D inc edi.text:6070C29E inc eax.text:6070C29F cmp eax, ecx .text:6070C2A1 mov [esp+0D98h+var_D80], eax.text:6070C2A5 jl short loc_6070C272. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. 
\n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on the computer of\nan on-line meeting attendee. The players can be automatically\ninstalled when the user accesses a recording file that is hosted on a\nWebEx server. The player can also be manually installed for offline\nplayback after downloading the application from www.webex.com\n\nIf the WebEx recording player was automatically installed, it will be\nautomatically upgraded to the latest, non-vulnerable version when\nusers access a recording file that is hosted on a WebEx server. If\nthe WebEx recording player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nrecording players. Microsoft Windows, Apple Mac OS X, and Linux\nversions of the player are all affected. Affected versions of the\nplayers are those prior to client builds T27LC SP22 and T27LB SP21\nEP3. Customers who have contractual agreements that prevent WebEx\nfrom automatically upgrading a recording player to the latest version\nshould contact their account manager to determine upgrade options. \n\nTo determine whether a Cisco WebEx server is running an affected\nversion of the WebEx client build, users can log in to their Cisco\nWebEx server and go to the Support \u003e Downloads section. The version\nof the WebEx client build will be displayed on the right side of the\npage under \"About Support Center.\" See \"Software Versions and Fixes\"\nfor details. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. 
The WRF and\nARF file formats are used to store WebEx meeting recordings that have\nbeen recorded on the computer of an on-line meeting attendee. The recording\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx server (for stream playback\nmode). The recording players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html\nto play back recording files locally (for offline\nplayback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF and ARF\nplayers. The vulnerabilities may lead to a crash of the player\napplication or, in some cases, remote code execution could occur. \n\nTo exploit one of these vulnerabilities, the player application would\nneed to open a malicious WRF or ARF file. An attacker may be able to\naccomplish this exploit by providing the malicious recording file\ndirectly to users (for example, by using e-mail) or by directing a\nuser to a malicious web page. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2010-3269\n * CVE-2010-3041\n * CVE-2010-3042\n * CVE-2010-3043\n * CVE-2010-3044\n\nVulnerability Scoring Details\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss \n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx ARF Player or WRF\nPlayer application and, in some cases, allow a remote attacker to\nexecute arbitrary code on the system with the privileges of the user\nwho is running the recording player application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult http://www.cisco.com/go/psirt\nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nThese vulnerabilities are first fixed in T27LC SP22 and T27LB SP21\nEP3. \nThe client build will be determined after the software is deployed. \n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. For example, if release 27.22SP.0 is fixed,\nrelease 27.22SP.1 will also have the software fix. \n\nIf a recording player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx server. 
\n\nIf a WebEx recording player was manually installed, users will need\nto manually install a new version of the player after downloading the\nlatest version from www.webex.com/downloadplayer.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. \n\nCisco would like to thank these organizations for reporting these\nvulnerabilities. \n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. 
\n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at :\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-01 | public |\n| | | release. |\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n Core Security Technologies - Corelabs Advisory\n http://corelabs.coresecurity.com/\n\n Cisco WebEx .atp and .wrf Overflow Vulnerabilities\n\n\n\n1. *Advisory Information*\n\nTitle: Cisco WebEx .atp and .wrf Overflow Vulnerabilities\nAdvisory ID: CORE-2010-1001\nAdvisory URL:\n[http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities]\nDate published: 2011-01-31\nDate of last update: 2011-01-31\nVendors contacted: Cisco\nRelease mode: Coordinated release\n\n\n\n2. *Vulnerability Information*\n\nClass: Stack-based Buffer Overflow [CWE-121], Stack-based Buffer\nOverflow [CWE-121]\nImpact: Code execution\nRemotely Exploitable: Yes (client-side)\nLocally Exploitable: No\nCVE Name: CVE-2010-3269, CVE-2010-3270\nBugtraq ID: N/A\n\n\n\n3. *Vulnerability Description*\n\nThere are stack overflows on WebEx [1] that can be exploited by sending\nmaliciously crafted .atp and .wrf files to a vulnerable WebEx user. When\nopened, these files trigger a reliably exploitable stack based buffer\noverflow. In the .atp case an exception\nhandler can be overwritten on the stack, and most registers can be\ntrivially overwritten. \n\n\n4. *Vulnerable packages*\n\n . Contact Cisco for a list of vulnerable versions. \n\n\n5. *Non-vulnerable packages*\n\n . Contact Cisco. \n\n\n6. *Vendor Information, Solutions and Workarounds*\n\nAll clients of WebEx Meeting Center should now be running a patched\nversion according to Cisco. A non-vulnerable version of WebEx Player\nshould be available at [http://www.webex.com/downloadplayer.html]. \n\n\n7. *Credits*\n\nThese vulnerabilities were discovered and researched by Federico Muttis,\nSebastian Tello and Manuel Muradas from Core Security Technologies\nduring Bugweek 2010 as part of the \"Cisco Baby Cisco!\" team [2]. The\npublication of this advisory was coordinated by Pedro Varangot. \n\n\n8. *Technical Description*\n\n\n8.1. 
*WebEx Player .wrf Buffer Overflow [CVE-2010-3269]*\n\nWebEx Player can be used to playback recordings of WebEx sessions. These\nrecordings can be stored using the .wrf closed and undocumented file\nformat. This vulnerability can also be exploited by publishing a .wrf\nvideo file in a meeting, resulting in the compromise of the meeting\u0027s\nparticipants. *WebEx Meeting Center .atp Buffer Overflow [CVE-2010-3270]*\n\nWebEx Meeting Center allows polls to be conducted between all\nparticipants of a WebEx session. By serving a specially crafted .atp\nfile (used for conducting polls) the meeting host can then abruptly\ndisconnect from the server, and when another client becomes host and\ntries to share the .atp file with the other clients arbitrary code\nexecution is possible on his workstation. If his connection to the\nserver is then severed by a malicious payload, the .atp file will be\ncycled to the next connected client. We\ndeveloped trivial examples that take control of EIP using arbitrary\ncharacters. \n\n\n9. *Report Timeline*\n\n. 2010-10-04:\nCore Security Technologies contacts Cisco PSIRT using their provided PGP\nkey notifying them of the vulnerabilities and sending an advisory draft,\na proof of concept for the WebEx Player vulnerability, and a proof of\nconcept for the Meeting Center vulnerability including details of how to\nreproduce both vulnerabilities, and details about the behaviour of the\nPoC for the Player vulnerability on Windows XP SP2 (which overwrites EIP\nwith 0x41414141 on that platform). October 18th 2010 (a two weeks\ntimeframe) is set as a potential release date for the advisory. 2010-10-05:\nCisco PSIRT contacts Core stating that their development team is out of\nthe office till Friday October 8th. November 15th 2010 is mentioned as\nan estimated release date for a fix. 
2010-10-05:\nCore replies to Cisco PSIRT postponing the release date of this advisory\nfor one week, to Monday October 25th, in order to contemplate the fact\nthat Cisco\u0027s development team is away from office for the week. Further\nchanges to the release date will be made after receiving technical\nfeedback. November the 15th is mentioned to be a possible date to settle\non. 2010-10-11:\nCisco PSIRT replies acknowledging \"an exception in WebEx player\" but\nthat doesn\u0027t overwrite EIP as Core Security Technologies indicated. \nCisco notifies that they were not able to reproduce the crash in WebEx\nMeeting Center. Cisco PSIRT also asks for more detailed information\nabout the version of WebEx Player used. 2010-10-12:\nCore sends the requested information, also attaching new proof of\nconcept exploits for the WebEx Player vulnerability (that now executes\ncode and launches \"calc.exe\"), and further details about the steps\nneeded to reproduce the WebEx Meeting Center crash. Details about the\nsystem where the proof of concept for the WebEx Player vulnerability was\nrun are asked. Details about the \"exception\" are also asked, specially\nnoting that if other registers are overwritten this should be considered\nas a vulnerability that would possibly lead to reliable code execution\neven if EIP was not modified (as noted by Core on the e-mail where the\nPoC was attached). No reply is received to this e-mail. 2010-10-19:\nCore resends the previous e-mail asking for news about reproduction of\nthe vulnerability on Cisco\u0027s side and asking if there was any problem in\nthe reception or interpretation of the last communication. No reply is\nreceived to this e-mail. 2010-10-28:\nCore Security Technologies resends the last e-mail, unilaterally\nrescheduling the publication of this advisory to November 8th 2010,\nwhich is closer to Cisco\u0027s initial estimation for the release of a fix. 
\nCore states its willingness to reschedule this publication date but only\nunder firm commitment from Cisco to working seriously towards fixing\nthis issue in a scheduled timeframe. An updated advisory draft is\nattached which includes an updated timeline. 2010-10-30:\nCisco PSIRT replies acknowledging the vulnerability, stating that they\nwere able to reproduce code execution results in the currently released\nversion of WebEx, and a crash in their current development version. \nCisco also states that there is not information yet from their\ndevelopment team about when a fix for this vulnerability will be released. 2010-11-09:\nCore replies offering more technical details about exploitation if they\nare needed, and reminding Cisco that the crash in their development\nversion may also be exploitable even if the current proof of concept\nexploit only crashes it. The publication date for this advisory is\nrescheduled to November 22nd 2010. Core states that they will like to\nschedule a firm date for the release of information about this\nvulnerability to the public and hence would like to get more information\nfrom Cisco about the schedule for the release of a fix. 2010-11-15:\nCisco states that fixed code will be deployed in mid-December, but since\nWebEx Meeting Center runs on a SaaS environment it takes about four or\nfive weeks for all clients to be running the latest version of the code. 2010-12-06:\nCisco contacts Core since no reply was received in the past two weeks,\nand clarifies that a fix will be deployed on December 15th and should be\ndone on January 11th 2011. 2010-12-06:\nCore states that they believe this advisory should be released as soon\nas the fix is deployed, since diffing the WebEx binary on the client\nside gives full details about the WebEx Meeting Center vulnerability to\nan average skilled reverse engineer. Core schedules the publication of\nthis advisory to December 15th 2010. 
2010-12-07:\nCisco contacts Core stating that releasing details about this\nvulnerability would endanger customers, since there is no action they\ncan take to protect themselves because the responsibility of upgrading\nthe code ran by the customer falls on Cisco. Cisco mentions that \"many\nof these customers are probably shared between Cisco and Core Security\". 2010-12-10:\nCisco contacts Core stating that they have just discovered the WebEx\nMeeting Center Vulnerability affects a new set of customers that where\nnot accounted for originally. These are customers running T27SP21 that\ncan not be upgraded to SP22. An emergency patch will be released for\nSP21 in January 2011, and this sets back the date when all clients\nshould be running an updated version to the \"end of January, beginning\nof February.\"\n\n. 2010-12-14:\nCore proposes to split this advisory into two different advisories to\nbetter accommodate the WebEx Meeting Center SaaS release cycle. On one\nadvisory, the .wrf client side vulnerability would be described, and the\nother would be dedicated to the WebEx Meeting Center vulnerability that\nmay compromise a meeting\u0027s host computer. Core believes this mitigates\nthe risk in a more effective way, since clients can update WebEx Player\nby themselves on December 15th (the date when Cisco stated the fixed\nversion would be released) and no details of the Meeting Center\nvulnerability would be released until all clients are running an updated\nversion. 2010-12-15:\nCisco states they wouldn\u0027t like the advisory to be splitted, and that\nthey prefer Core Security Technologies to go ahead and release\ninformation about both vulnerabilities. 2010-12-15:\nCore states that they prefer to release two advisories because these are\ntwo different bugs, in two pieces of software, each one of them with a\ndifferently working update channel determined by the vendor. 
Core also\ninforms Cisco that the download link for WebEx Player points to a\nvulnerable version as of today, and asks Cisco to clarify what date they\nmeant as mid-December, since Core would like to know when a fixed\nversion of WebEx Player will be available for download to be able to\npublish the WebEx Player vulnerability. 2010-12-16:\nCisco replies saying that releasing two advisories seems like a good\nplan to them. Cisco also states that since many of their customers\nobserve a lockdown policy during the holidays season, they take a \"don\u0027t\nupgrade\" policy of their own until Monday January 10th, 2011. That is\nthe reason why the download link of WebEx Player has not been changed yet. 2011-01-10:\nCore states that they are ready to release this advisory on January\n11th, and that releasing two separate advisories seems pointless now\nbecause the release date of both would be very similar, and the original\nidea was to mitigate the risk posed by the .wrf vulnerability. Core also\nstates that they are reviewing the best course of action to take with\nthe issue regarding clients running the old version of WebEx (T27SP21)\nthat according to Cisco are unable to upgrade to SP22 since this was not\naccounted for previously. 2011-01-13:\nCore states that since they have committed previously to release the\nadvisory taking into account Cisco\u0027s consideration about their SaaS\npatch deploy model, when factoring the issue of clients running the SP21\nversion of Meeting Center scheduled by Cisco for emergency update on\nJanuary, a release date of January the 31st seems reasonable. This date\nshould be taken as final and Core Security Technologies believes it\ntakes into account all information given by Cisco about SaaS updating\ntimeframes. If this is not the case Cisco is asked to rectify ASAP. 2011-01-14:\nCisco confirms that the timeframe (publishing both vulnerabilities on\nJanuary 31st) works for them. 
2011-01-31:\nThe advisory CORE-2010-1001 is published. \n\n\n\n10. *References*\n\n[1] [http://www.webex.com/]\n[2]\n[http://corelabs.coresecurity.com/index.php?module=Wiki\u0026action=view\u0026type=project\u0026name=Bugweek]\n\n\n11. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\n[http://corelabs.coresecurity.com]. \n\n\n12. *About Core Security Technologies*\n\nCore Security Technologies develops strategic solutions that help\nsecurity-conscious organizations worldwide develop and maintain a\nproactive process for securing their networks. The company\u0027s flagship\nproduct, CORE IMPACT, is the most comprehensive product for performing\nenterprise security assurance testing. CORE IMPACT evaluates network,\nendpoint and end-user vulnerabilities and identifies what resources are\nexposed. It enables organizations to determine if current security\ninvestments are detecting and preventing attacks. Core Security\nTechnologies augments its leading technology solution with world-class\nsecurity consulting services, including penetration testing and software\nsecurity auditing. Based in Boston, MA and Buenos Aires, Argentina, Core\nSecurity Technologies can be reached at 617-399-6980 or on the Web at\n[http://www.coresecurity.com]. \n\n\n13. 
*Disclaimer*\n\nThe contents of this advisory are copyright (c) 2011 Core Security\nTechnologies and (c) 2011 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: [http://creativecommons.org/licenses/by-nc-sa/3.0/us/]\n\n\n14. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\n[http://www.coresecurity.com/files/attachments/core_security_advisories.asc]. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (MingW32)\n\niEYEARECAAYFAk1HJwcACgkQyNibggitWa13VwCfVg6jVkuv3PhqmhNqZFIQO7CB\nL1YAni1ONdRqEYczbkvki9r0Y7nr9cIQ\n=9HdA\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "BID", "id": "46075" }, { "db": "VULHUB", "id": "VHN-45874" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "PACKETSTORM", "id": "98038" } ], "trust": 2.7 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-45874", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45874" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3269", "trust": 3.6 }, { "db": "BID", "id": "46075", "trust": 2.0 }, { 
"db": "SECTRACK", "id": "1025015", "trust": 1.7 }, { "db": "VUPEN", "id": "ADV-2011-0261", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003863", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-032", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2011-0411", "trust": 0.6 }, { "db": "XF", "id": "65076", "trust": 0.6 }, { "db": "BUGTRAQ", "id": "20110131 [CORE-2010-1001] CISCO WEBEX .ATP AND .WRF OVERFLOW VULNERABILITIES", "trust": 0.6 }, { "db": "CISCO", "id": "20110201 MULTIPLE CISCO WEBEX PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16391", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "98038", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-45874", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98073", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "VULHUB", "id": "VHN-45874" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "id": "VAR-201102-0052", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "VULHUB", "id": "VHN-45874" } ], "trust": 1.3453525499999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" } ] }, "last_update_date": "2023-12-18T12:58:25.400000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { 
"@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1103/1103539_cisco-sa-20110201-webex-j.html" }, { "title": "Patch for Cisco WebEx Remote Stack Buffer Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/2786" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45874" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "NVD", "id": "CVE-2010-3269" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.6, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46075" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22016" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025015" }, { "trust": 1.7, "url": "http://www.vupen.com/english/advisories/2011/0261" }, { "trust": 1.1, "url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076" }, 
{ "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3269" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3269" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/65076" }, { "trust": 0.6, "url": "http://www.securityfocus.com/archive/1/archive/1/516095/100/0/threaded" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16391" }, { "trust": 0.4, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3043" }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3041" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3042" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" }, { "trust": 0.1, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities]" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com]." 
}, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3270" }, { "trust": 0.1, "url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc]." }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com/" }, { "trust": 0.1, "url": "http://www.webex.com/]" }, { "trust": 0.1, "url": "http://www.coresecurity.com]." }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com/index.php?module=wiki\u0026action=view\u0026type=project\u0026name=bugweek]" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/]" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html]." } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "VULHUB", "id": "VHN-45874" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2011-0411" }, { "db": "VULHUB", "id": "VHN-45874" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "PACKETSTORM", "id": "98038" }, { "db": "NVD", "id": "CVE-2010-3269" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2011-0411" }, { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45874" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": 
"JVNDB-2011-003863" }, { "date": "2011-02-02T02:55:23", "db": "PACKETSTORM", "id": "98073" }, { "date": "2011-02-01T04:52:28", "db": "PACKETSTORM", "id": "98038" }, { "date": "2011-02-02T23:00:31.957000", "db": "NVD", "id": "CVE-2010-3269" }, { "date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-01T00:00:00", "db": "CNVD", "id": "CNVD-2011-0411" }, { "date": "2018-10-10T00:00:00", "db": "VULHUB", "id": "VHN-45874" }, { "date": "2011-02-01T16:20:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003863" }, { "date": "2018-10-10T20:01:31.677000", "db": "NVD", "id": "CVE-2010-3269" }, { "date": "2011-02-12T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-032" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98073" }, { "db": "CNNVD", "id": "CNNVD-201102-032" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WRF and ARF Player T27LB Vulnerable to stack-based buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003863" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-032" } ], "trust": 0.6 } }
var-201901-0362
Vulnerability from variot
A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user if the attacker can place a crafted library in a directory that is accessible to the vulnerable system. The Cisco Webex Teams client contains an OS command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The product does not warn the user that a dangerous navigation is about to take place. Because special characters in the URI are not sanitized, this could lead to the execution of arbitrary commands. Cisco Webex Teams is prone to a local untrusted search path vulnerability. (The sources merged into this entry label the same flaw both as OS command injection and as an untrusted search path issue.) This issue is being tracked by Cisco Bug ID CSCvm25955. Versions prior to Cisco Webex Teams 3.0.10260 are vulnerable. The program includes features such as video conferencing, group messaging and file sharing.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201901-0362", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex teams", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0.4533" }, { "model": "webex teams", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": 
null }, { "model": "webex teams", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex teams", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "3.0.10260" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "BID", "id": "106718" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_teams:3.0.4533:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2019-1636" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "rgod of 9sg Security Team - rgod@9sgsec.com", "sources": [ { "db": "ZDI", "id": "ZDI-19-129" } ], "trust": 0.7 }, "cve": "CVE-2019-1636", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2019-1636", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-148498", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", 
"exploitabilityScore": null, "id": "CVE-2019-1636", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 2.8, "id": "CVE-2019-1636", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2019-1636", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2019-1636", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2019-1636", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201901-849", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-148498", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2019-1636", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "VULHUB", "id": "VHN-148498" }, { "db": "VULMON", "id": "CVE-2019-1636" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, could allow an attacker to execute arbitrary commands on a targeted system. 
This vulnerability is due to unsafe search paths used by the application URI that is defined in Windows operating systems. An attacker could exploit this vulnerability by convincing a targeted user to follow a malicious link. Successful exploitation could cause the application to load libraries from the directory targeted by the URI link. The attacker could use this behavior to execute arbitrary commands on the system with the privileges of the targeted user if the attacker can place a crafted library in a directory that is accessible to the vulnerable system. Cisco Webex Teams client Is OS A command injection vulnerability exists.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The product does not warn the user that a dangerous navigation is about to take place. Because special characters in the URI are not sanitized, this could lead to the execution of arbitrary commands. Cisco Webex Teams is prone to a local untrusted search path vulnerability. \nThis issue being tracked by Cisco Bug ID CSCvm25955. \nVersions prior to Cisco Webex Teams 3.0.10260 are vulnerable. 
The program includes features such as video conferencing, group messaging and file sharing", "sources": [ { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "BID", "id": "106718" }, { "db": "VULHUB", "id": "VHN-148498" }, { "db": "VULMON", "id": "CVE-2019-1636" } ], "trust": 2.7 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2019-1636", "trust": 3.6 }, { "db": "BID", "id": "106718", "trust": 2.1 }, { "db": "JVNDB", "id": "JVNDB-2019-001357", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-7160", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-19-129", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201901-849", "trust": 0.7 }, { "db": "NSFOCUS", "id": "43899", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2020-12740", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-148498", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2019-1636", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "VULHUB", "id": "VHN-148498" }, { "db": "VULMON", "id": "CVE-2019-1636" }, { "db": "BID", "id": "106718" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "id": "VAR-201901-0362", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-148498" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T14:05:13.124000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" 
} } }, "data": [ { "title": "cisco-sa-20190123-webex-teams", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-teams" }, { "title": "Cisco Webex Teams Fixes for operating system command injection vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=88931" }, { "title": "The Register", "trust": 0.2, "url": "https://www.theregister.co.uk/2019/01/24/cisco_sd_wan_bugs/" }, { "title": "Cisco: Cisco Webex Teams URI Handler Insecure Library Loading Vulnerability", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=cisco-sa-20190123-webex-teams" }, { "title": "EAOrigin_remote_code", "trust": 0.1, "url": "https://github.com/segregator/eaorigin_remote_code " }, { "title": "", "trust": 0.1, "url": "https://github.com/b9q/eaorigin_remote_code " }, { "title": "sec-daily-2019", "trust": 0.1, "url": "https://github.com/alphaseclab/sec-daily-2019 " } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "VULMON", "id": "CVE-2019-1636" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-78", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-148498" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.9, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20190123-webex-teams" }, { "trust": 2.5, "url": 
"http://www.securityfocus.com/bid/106718" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-1636" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2019-1636" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/43899" }, { "trust": 0.3, "url": "http://www.cisco.com/" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/78.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://github.com/segregator/eaorigin_remote_code" } ], "sources": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "VULHUB", "id": "VHN-148498" }, { "db": "VULMON", "id": "CVE-2019-1636" }, { "db": "BID", "id": "106718" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-19-129" }, { "db": "VULHUB", "id": "VHN-148498" }, { "db": "VULMON", "id": "CVE-2019-1636" }, { "db": "BID", "id": "106718" }, { "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "db": "NVD", "id": "CVE-2019-1636" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-25T00:00:00", "db": "ZDI", "id": "ZDI-19-129" }, { "date": "2019-01-23T00:00:00", "db": "VULHUB", "id": "VHN-148498" }, { "date": "2019-01-23T00:00:00", "db": "VULMON", "id": "CVE-2019-1636" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106718" }, { "date": "2019-02-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "date": "2019-01-23T22:29:00.493000", "db": "NVD", "id": "CVE-2019-1636" }, { "date": "2019-01-24T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "sources_update_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-01-25T00:00:00", "db": "ZDI", "id": "ZDI-19-129" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-148498" }, { "date": "2019-10-09T00:00:00", "db": "VULMON", "id": "CVE-2019-1636" }, { "date": "2019-01-23T00:00:00", "db": "BID", "id": "106718" }, { "date": "2019-02-28T00:00:00", "db": "JVNDB", "id": "JVNDB-2019-001357" }, { "date": "2019-10-09T23:47:34.330000", "db": "NVD", "id": "CVE-2019-1636" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201901-849" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "106718" }, { "db": "CNNVD", "id": "CNNVD-201901-849" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Teams client In OS Command injection vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2019-001357" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "operating system commend injection", "sources": [ { "db": "CNNVD", "id": "CNNVD-201901-849" } ], "trust": 0.6 } }
var-201810-0627
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain a buffer error vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Crafted data in an ARF file can trigger an integer underflow before a memory write operation. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0627", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.9, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 31", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "31.23.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.5" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, 
"vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { 
"db": "ZDI", "id": "ZDI-18-1120" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_31:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "31.23.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15410" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": 
"ZDI-18-1120" } ], "trust": 0.7 }, "cve": "CVE-2018-15410", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15410", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": 
"PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15410", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125667", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15410", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15410", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15410", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-201", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125667", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": 
"ZDI-18-1120" }, { "db": "VULHUB", "id": "VHN-125667" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Crafted data in an ARF file can trigger an integer underflow before a memory write operation. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "ZDI", "id": "ZDI-18-1120" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125667" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15410", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010554", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6312", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1120", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-201", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125667", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1120" }, { "db": "VULHUB", "id": "VHN-125667" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "id": "VAR-201810-0627", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125667" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.610000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85415" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1120" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.1 }, { "problemtype": "CWE-119", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125667" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15410" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15410" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1120" }, { "db": 
"VULHUB", "id": "VHN-125667" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1120" }, { "db": "VULHUB", "id": "VHN-125667" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "db": "NVD", "id": "CVE-2018-15410" }, { "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1120" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125667" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "date": "2018-10-05T14:29:09.483000", "db": "NVD", "id": "CVE-2018-15410" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1120" }, { "date": "2020-08-31T00:00:00", "db": "VULHUB", "id": "VHN-125667" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010554" }, { "date": "2020-08-31T20:36:11.797000", "db": "NVD", "id": "CVE-2018-15410" }, { "date": "2020-09-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-201" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": 
"CNNVD-201810-201" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Buffer error vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010554" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-201" } ], "trust": 0.6 } }
var-202003-1180
Vulnerability from variot
Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The affected system may also be put into a denial-of-service (DoS) state. Crafted data in an ARF file can trigger access to memory prior to initialization. Microsoft Windows is an operating system from Microsoft Corporation in the United States, used on personal devices. The following products and versions are affected: Webex Network Recording Player: releases earlier than WBS 39.5.17 (Cisco Webex Meetings), releases earlier than WBS 39.11.0 (Cisco Webex Meetings), releases earlier than 1.3.43 (Cisco Webex Meetings Online), Release 3.0MR3 prior to Security Patch 1 (Cisco Webex Meetings Server), and releases prior to 4.0MR2 Security Patch 2 (Cisco Webex Meetings Server); Webex Player: releases prior to WBS 39.5.17 (Cisco Webex Meetings), releases prior to WBS 39.11.0 (Cisco Webex Meetings), and releases earlier than 1.3.43 (Cisco Webex Meetings Online)
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202003-1180", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex network recording player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "39.5.17" }, { "model": "webex meetings online", "scope": 
"lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.43" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "webex network recording player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "39.11.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "39.5.17" }, { "model": "webex meetings", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "39.5" }, { "model": "webex meetings server", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex network recording player", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.3.42" }, { "model": "webex meetings", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "39.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.3.39" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.6, "vendor": 
"cisco", "version": "1.1" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "1.3.38" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "39.5.17", "versionStartIncluding": "39.5", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.43", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "3.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_network_recording_player:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndExcluding": "39.5.17", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_network_recording_player:*:*:*:*:*:windows:*:*", "cpe_name": [], "versionEndExcluding": "39.11.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-3127" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Francis Provencher {PRL}", "sources": [ { "db": "ZDI", "id": "ZDI-20-269" } ], "trust": 0.7 }, "cve": "CVE-2020-3127", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": 
"Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "JVNDB-2020-002443", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-181252", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ykramarz@cisco.com", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": 
"JVNDB-2020-002443", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-3127", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-3127", "trust": 1.0, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2020-3127", "trust": 1.0, "value": "HIGH" }, { "author": "NVD", "id": "JVNDB-2020-002443", "trust": 0.8, "value": "High" }, { "author": "ZDI", "id": "CVE-2020-3127", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202003-179", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-181252", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "VULHUB", "id": "VHN-181252" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. 
The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. (DoS) It may be put into a state. Crafted data in an ARF file can trigger access to memory prior to initialization. Microsoft Windows is an operating system used by a set of personal devices of Microsoft Corporation in the United States. The following products and versions are affected: Webex Network Recording Player Release WBS earlier than 39.5.17 (Cisco Webex Meetings), Release WBS earlier than 39.11.0 (Cisco Webex Meetings), Release 1.3.43 earlier (Cisco Webex Meetings Online), Release 3.0MR3 prior to SecurityPatch1 (Cisco Webex Meetings Server), prior to 4.0MR2SecurityPatch2 (Cisco Webex Meetings Server); Webex Player Release prior to WBS 39.5.17 (Cisco Webex Meetings), Release prior to Release WBS 39.11.0 (Cisco Webex Meetings) , versions earlier than Release 1.3.43 (Cisco Webex Meetings Online)", "sources": [ { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "VULHUB", "id": "VHN-181252" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-3127", "trust": 3.2 }, { "db": "ZDI", "id": "ZDI-20-269", "trust": 2.4 }, { "db": "JVNDB", "id": "JVNDB-2020-002443", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-9491", "trust": 0.7 
}, { "db": "CNNVD", "id": "CNNVD-202003-179", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.0811", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2020-16516", "trust": 0.1 }, { "db": "VULHUB", "id": "VHN-181252", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "VULHUB", "id": "VHN-181252" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "id": "VAR-202003-1180", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-181252" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:43:03.939000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20200304-webex-player", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20200304-webex-player" }, { "title": "Cisco Webex Network Recording Player and Cisco Webex Player Enter the fix for the verification error vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=111259" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-181252" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" } ] }, "references": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20200304-webex-player" }, { "trust": 1.7, "url": "https://www.zerodayinitiative.com/advisories/zdi-20-269/" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3127" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-3127" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.0811/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "VULHUB", "id": "VHN-181252" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-20-269" }, { "db": "VULHUB", "id": "VHN-181252" }, { "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "db": "NVD", "id": "CVE-2020-3127" }, { "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-05T00:00:00", "db": "ZDI", "id": "ZDI-20-269" }, { "date": "2020-03-04T00:00:00", "db": "VULHUB", "id": "VHN-181252" }, { "date": "2020-03-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "date": "2020-03-04T19:15:12.353000", "db": "NVD", "id": "CVE-2020-3127" }, { "date": "2020-03-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-03-05T00:00:00", "db": "ZDI", "id": "ZDI-20-269" }, { "date": "2020-03-05T00:00:00", "db": 
"VULHUB", "id": "VHN-181252" }, { "date": "2020-03-16T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-002443" }, { "date": "2020-03-05T23:15:13.447000", "db": "NVD", "id": "CVE-2020-3127" }, { "date": "2020-03-13T00:00:00", "db": "CNNVD", "id": "CNNVD-202003-179" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202003-179" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Microsoft Windows for Cisco Webex Network Recording Player and Cisco Webex Player Input verification vulnerability in", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-002443" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202003-179" } ], "trust": 0.6 } }
var-201810-0630
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0630", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.9, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.20" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.4" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" 
}, { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": 
true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.20", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.4", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15413" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" } ], "trust": 0.7 }, "cve": "CVE-2018-15413", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15413", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 8.6, "id": "CVE-2018-15413", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": 
"AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125670", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15413", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15413", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15413", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-204", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125670", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "VULHUB", "id": "VHN-125670" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. 
\nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125670" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15413", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010557", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6801", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1129", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-204", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125670", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "VULHUB", "id": "VHN-125670" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "id": "VAR-201810-0630", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125670" } ], "trust": 0.01 }, "last_update_date": 
"2023-12-18T12:01:09.514000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85418" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125670" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "NVD", "id": "CVE-2018-15413" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15413" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15413" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "VULHUB", "id": "VHN-125670" }, { "db": "BID", "id": 
"105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1129" }, { "db": "VULHUB", "id": "VHN-125670" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "db": "NVD", "id": "CVE-2018-15413" }, { "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1129" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125670" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "date": "2018-10-05T14:29:09.840000", "db": "NVD", "id": "CVE-2018-15413" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1129" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125670" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010557" }, { "date": "2019-10-09T23:35:34.047000", "db": "NVD", "id": "CVE-2018-15413" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-204" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-204" } ], "trust": 0.6 }, "title": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010557" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-204" } ], "trust": 0.6 } }
var-202011-1339
Vulnerability from variot
Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-202011-1339", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "40.6.11" }, { "model": "webex meetings", "scope": "gte", "trust": 1.0, 
"vendor": "cisco", "version": "40.7.0" }, { "model": "webex meetings", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "40.8.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "4.0" }, { "model": "cisco webex meetings server", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "cisco webex meetings", "scope": null, "trust": 0.8, "vendor": "\u30b7\u30b9\u30b3\u30b7\u30b9\u30c6\u30e0\u30ba", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:4.0:maintenance_release3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.8.0", "versionStartIncluding": "40.7.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "40.6.11", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:3.0:maintenance_release3:-:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2020-3603" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Francis Provencher {PRL}", "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" } ], "trust": 0.7 }, "cve": "CVE-2020-3603", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", 
"version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2020-3603", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-181728", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 2.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2020-3603", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "ZDI", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", 
"confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "id": "CVE-2020-3603", "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 0.7, "userInteraction": "REQUIRED", "vectorString": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2020-3603", "trust": 1.8, "value": "HIGH" }, { "author": "ykramarz@cisco.com", "id": "CVE-2020-3603", "trust": 1.0, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2020-3603", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-202011-341", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-181728", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "VULHUB", "id": "VHN-181728" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements of a Webex recording that is stored in the Advanced Recording Format (ARF) or Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 
The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer", "sources": [ { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "VULHUB", "id": "VHN-181728" } ], "trust": 2.34 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2020-3603", "trust": 3.2 }, { "db": "ZDI", "id": "ZDI-20-1361", "trust": 2.4 }, { "db": "JVNDB", "id": "JVNDB-2020-013257", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-11133", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-202011-341", "trust": 0.7 }, { "db": "AUSCERT", "id": "ESB-2020.3855", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-181728", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "VULHUB", "id": "VHN-181728" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "id": "VAR-202011-1339", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-181728" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:16:43.645000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-webex-nbr-NOS6FQ24", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "title": "Cisco Webex Network Recording Player Buffer error 
vulnerability fix", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=133199" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-787", "trust": 1.1 }, { "problemtype": "Buffer error (CWE-119) [NVD Evaluation ]", "trust": 0.8 }, { "problemtype": "CWE-119", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-181728" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-webex-nbr-nos6fq24" }, { "trust": 1.7, "url": "https://www.zerodayinitiative.com/advisories/zdi-20-1361/" }, { "trust": 1.4, "url": "https://nvd.nist.gov/vuln/detail/cve-2020-3603" }, { "trust": 0.6, "url": "https://www.auscert.org.au/bulletins/esb-2020.3855/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "VULHUB", "id": "VHN-181728" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-20-1361" }, { "db": "VULHUB", "id": "VHN-181728" }, { "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "db": "NVD", "id": "CVE-2020-3603" }, { "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "sources_release_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1361" }, { "date": "2020-11-06T00:00:00", "db": "VULHUB", "id": "VHN-181728" }, { "date": "2021-06-22T00:00:00", "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "date": "2020-11-06T19:15:15.707000", "db": "NVD", "id": "CVE-2020-3603" }, { "date": "2020-11-04T00:00:00", "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2020-11-10T00:00:00", "db": "ZDI", "id": "ZDI-20-1361" }, { "date": "2021-10-19T00:00:00", "db": "VULHUB", "id": "VHN-181728" }, { "date": "2021-06-22T06:49:00", "db": "JVNDB", "id": "JVNDB-2020-013257" }, { "date": "2023-11-07T03:23:00.643000", "db": "NVD", "id": "CVE-2020-3603" }, { "date": "2021-10-20T00:00:00", "db": "CNNVD", "id": "CNNVD-202011-341" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-341" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows\u00a0 for \u00a0Cisco\u00a0Webex\u00a0Network\u00a0Recording\u00a0Player\u00a0 and \u00a0Cisco\u00a0Webex\u00a0Player\u00a0 Buffer Error Vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2020-013257" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer error", "sources": [ { "db": "CNNVD", "id": "CNNVD-202011-341" } ], "trust": 0.6 } }
var-201206-0111
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946. Cisco WebEx Recording Format (WRF) player contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary checks on user-supplied data. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF Processing Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA49750
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/49750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=49750
RELEASE DATE: 2012-06-28
DESCRIPTION: Multiple vulnerabilities have been reported in WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error when processing WRF files can be exploited to cause a heap-based buffer overflow.
2) An error when processing the JPEG DHT chunk within a WRF file can be exploited to cause a stack-based buffer overflow.
3) An unspecified error when processing WRF files can be exploited to corrupt memory.
4) An error when processing the Audio size within a WRF file can be exploited to cause a heap-based buffer overflow.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * Client builds 28.0.0 (T28 L10N). * Client builds 27.32.1 (T27 LD SP32 CP1) and prior. * Client builds 27.25.10 (T27 LC SP25 EP10) and prior. * Client builds 27.21.10 (T27 LB SP21 EP10) and prior. * Client builds 27.11.26 (T27 L SP11 EP26) and prior.
SOLUTION: Update to a fixed client build (please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense and Microsoft Vulnerability Research (MSVR).
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201206-0111", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.32.0" }, { "model": "webex recording format player", "scope": "gte", 
"trust": 1.0, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.21.0" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.11.0" }, { "model": "webex recording format player", "scope": "lte", "trust": 1.0, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "gte", "trust": 1.0, "vendor": "cisco", "version": "27.25.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.25.11" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "27.32.2" }, { "model": "webex recording format player", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "28.0.1" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.25.10 (t27 lc sp25 ep10)" }, { "model": "webex recording format player", "scope": "lte", "trust": 0.8, "vendor": "cisco", "version": "client builds 27.32.1 (t27 ld sp32 cp1)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "client builds 28.0.0 (t28 l 10n)" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", 
"version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex 
(mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (ma t27 ld sp32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" 
}, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "28" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3056" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "iDefense and Microsoft Vulnerability Research (MSVR)", "sources": [ { "db": "BID", "id": "54213" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ], "trust": 0.9 }, "cve": "CVE-2012-3056", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3056", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" 
}, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-56337", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3056", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201206-528", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-56337", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-56337" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946. Cisco WebEx Recording Format (WRF) player Contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. \nAn attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts will result in a denial-of-service condition. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. 
WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). ----------------------------------------------------------------------\n\nBecome a PSI 3.0 beta tester!\nTest-drive the new beta version and tell us what you think about its extended automatic update function and significantly enhanced user-interface. \nDownload it here!\nhttp://secunia.com/psi_30_beta_launch\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF Processing Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA49750\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/49750/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nRELEASE DATE:\n2012-06-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/49750/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/49750/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in WebEx Recording Format\nPlayer, which can be exploited by malicious people to compromise a\nuser\u0027s system. \n\n1) An unspecified error when processing WRF files can be exploited to\ncause a heap-based buffer overflow. 
\n\n2) An error when processing the JPEG DHT chunk within a WRF file can\nbe exploited to cause a stack-based buffer overflow. \n\n3) An unspecified error when processing WRF files can be exploited to\ncorrupt memory. \n\n4) An error when processing the Audio size within a WRF file can be\nexploited to cause a heap-based buffer overflow. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* Client builds 28.0.0 (T28 L10N). \n* Client builds 27.32.1 (T27 LD SP32 CP1) and prior. \n* Client builds 27.25.10 (T27 LC SP25 EP10) and prior. \n* Client builds 27.21.10 (T27 LB SP21 EP10) and prior. \n* Client builds 27.11.26 (T27 L SP11 EP26) and prior. \n\nSOLUTION:\nUpdate to a fixed client build (please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits iDefense and Microsoft Vulnerability Research\n(MSVR). \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. 
\n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "BID", "id": "54213" }, { "db": "VULHUB", "id": "VHN-56337" }, { "db": "PACKETSTORM", "id": "114290" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3056", "trust": 2.8 }, { "db": "BID", "id": "54213", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2012-002944", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201206-528", "trust": 0.7 }, { "db": "SECUNIA", "id": "49750", "trust": 0.7 }, { "db": "CISCO", "id": "20120627 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "19900", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-56337", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "114290", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56337" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "id": 
"VAR-201206-0111", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-56337" } ], "trust": 0.7296153719999999 }, "last_update_date": "2023-12-18T12:10:04.587000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "title": "26209", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=26209" }, { "title": "cisco-sa-20120627-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1115/1115508_cisco-sa-20120627-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002944" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-56337" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "NVD", "id": "CVE-2012-3056" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.1, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120627-webex" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3056" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3056" }, { 
"trust": 0.6, "url": "http://secunia.com/advisories/49750" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/54213" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/19900" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/psi_30_beta_launch" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=49750" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/49750/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-56337" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-56337" }, { "db": "BID", "id": "54213" }, { "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "db": "PACKETSTORM", "id": "114290" }, { "db": "NVD", "id": "CVE-2012-3056" }, { "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-06-29T00:00:00", "db": "VULHUB", "id": "VHN-56337" }, { "date": "2012-06-27T00:00:00", "db": "BID", "id": 
"54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "date": "2012-06-28T06:12:23", "db": "PACKETSTORM", "id": "114290" }, { "date": "2012-06-29T14:55:01.140000", "db": "NVD", "id": "CVE-2012-3056" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-12-03T00:00:00", "db": "VULHUB", "id": "VHN-56337" }, { "date": "2015-03-19T09:40:00", "db": "BID", "id": "54213" }, { "date": "2012-07-03T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-002944" }, { "date": "2018-12-03T13:50:28.673000", "db": "NVD", "id": "CVE-2012-3056" }, { "date": "2012-06-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201206-528" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-528" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-002944" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201206-528" } ], "trust": 0.6 } }
var-201210-0316
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331. Cisco WebEx Recording Format (WRF) Player contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Core Security - Corelabs Advisory http://corelabs.coresecurity.com/
Cisco WebEx .wrf Memory Corruption Vulnerability
- Advisory Information
Title: Cisco WebEx .wrf Memory Corruption Vulnerability
Advisory ID: CORE-2012-0613
Advisory URL: http://www.coresecurity.com/content/webex-wrf-memory-corruption-vulnerability
Date published: 2012-10-11
Date of last update: 2012-09-13
Vendors contacted: Cisco
Release mode: Coordinated release
- Vulnerability Information
Class: Access of Memory Location After End of Buffer [CWE-788]
Impact: Code execution
Remotely Exploitable: No
Locally Exploitable: Yes
CVE Name: CVE-2012-3939
- Vulnerability Description
A vulnerability exists in atas32.dll affecting Cisco WebEx Player v3.26 that allows an attacker to corrupt memory, which may lead to code execution in the context of the currently logged on user.
- Vulnerable packages
- Cisco WebEx Player v3.26
- Cisco Meeting Center and older versions of WebEx Player are probably affected too, but they were not checked.
- Vendor Information, Solutions and Workarounds
If the Cisco WebEx WRF Player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. A non-vulnerable version of Cisco WebEx Player should be available at http://www.webex.com/downloadplayer.html.
- Credits
This vulnerability was discovered and researched by Oren Isacson. The publication of this advisory was coordinated by Fernando Russ.
- Technical Description / Proof of Concept
The memory corruption is caused by a call to the memcpy function with an invalid destination parameter.
In our proof of concept (POC), the destination parameter to the memcpy function points to unmapped memory. The source parameter points to valid heap memory. The size parameter is equal to 540. As the destination parameter is close to the top of the heap, and the source parameter points to data that may be user-controlled, this vulnerability may be leveraged to execute code.
- Report Timeline
2012-06-21: Core Security Technologies notifies the Cisco Product Security Incident Response Team (PSIRT) of the vulnerability, including a brief description of the issue.
2012-06-21: Cisco PSIRT acknowledges receipt of the information. The vendor asks for detailed technical information.
2012-06-21: Core sends a draft version of the advisory and a PoC .wrf file that reproduces the issue.
2012-06-25: Cisco PSIRT asks for more information regarding the exact version of the atas32.dll library.
2012-06-25: Core sends the requested information.
2012-07-11: Core notifies that the tentative publication deadline was missed and reschedules the publication for August 6th, 2012.
2012-07-12: Cisco PSIRT asks if the advisory publication can be held until they have finished their fixes.
2012-07-12: Core notifies that the current publication date is tentative and can be moved as long as the new publication date remains reasonable.
2012-07-16: Cisco PSIRT informs that they can't be sure of having fixes sooner than the beginning of September.
2012-07-17: Core acknowledges the new timeframe for the publication and asks for a more specific date.
2012-07-20: Cisco PSIRT informs that the new publication date for the fixes and all the related information regarding this vulnerability is September 12th, 2012.
2012-07-23: Core Security Technologies acknowledges the new deadline for the publication.
2012-08-23: Cisco PSIRT asks to postpone the publication date to October 10th, 2012.
2012-08-27: Core acknowledges the new deadline for the publication.
2012-09-12: The publication date confirmed on [2012-07-20] is missed.
2012-10-11: Advisory CORE-2012-0613 published.
- About CoreLabs
CoreLabs, the research center of Core Security Technologies, is charged with anticipating the future needs and requirements for information security technologies. We conduct our research in several important areas of computer security including system vulnerabilities, cyber attack planning and simulation, source code auditing, and cryptography. Our results include problem formalization, identification of vulnerabilities, novel solutions and prototypes for new technologies. CoreLabs regularly publishes security advisories, technical papers, project information and shared software tools for public use at: http://corelabs.coresecurity.com.
- About Core Security Technologies
Core Security Technologies enables organizations to get ahead of threats with security test and measurement solutions that continuously identify and demonstrate real-world exposures to their most critical assets. Our customers can gain real visibility into their security standing, real validation of their security controls, and real metrics to more effectively secure their organizations.
Core Security's software solutions build on over a decade of trusted research and leading-edge threat expertise from the company's Security Consulting Services, CoreLabs and Engineering groups. Core Security Technologies can be reached at +1 (617) 399-6980 or on the Web at: http://www.coresecurity.com.
- Disclaimer
The contents of this advisory are copyright (c) 2012 Core Security Technologies and (c) 2012 CoreLabs, and are licensed under a Creative Commons Attribution Non-Commercial Share-Alike 3.0 (United States) License: http://creativecommons.org/licenses/by-nc-sa/3.0/us/
- PGP/GPG Keys
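This advisory has been signed with the GPG key of the Core Security Technologies advisories team, which is available for download at http://www.coresecurity.com/files/attachments/core_security_advisories.asc. Note that the text on this page has been re-flowed, so the signature below will not verify against it; check the signature against the original advisory at http://www.coresecurity.com/content/webex-wrf-memory-corruption-vulnerability.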
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (Darwin) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iQEcBAEBAgAGBQJQdyjEAAoJEK6bq3WCdh+HiPEH+wVJOMXbci4VXZjJLKuabrM8 sm2l7wdUx7ebPxm5wG05ns+9joRjtiXxXVSZWrpWtrKcTHlPWYm8iPYbnGGOi9vs NpFz+fMSncT/MIFhQBePJQkcPhEeqVEtdVc+DCXv+WfQ6MNxpbGhLj7O1mXxJOUN 5aes2i8iBVxdzEPydVApG+Fz0YDeonlh7djEKwyUZCzHJlb7ZOUiKtaXLrWM7PLc +xzMLCaBzm+srm7mo/71nD7/OKcAfR14m8gixxPkjmdWjf831Sd5yeAzZF/o3bAG RTMsZ2WKNmYqWL+KbdMTmYhF0G2eM0jYmpdkXc7zUhb85GuHJD3PDAQGTjAZkjQ= =9sT3 -----END PGP SIGNATURE-----
. ----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DISCUSS ADVISORY: http://secunia.com/advisories/50905/#comments
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions:
* T28 client builds prior to T28.4 (28.4)
* T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0316", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3939" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3939", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3939", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57220", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3939", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-236", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57220", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57220" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331. Cisco WebEx Recording Format (WRF) Player Contains a buffer overflow vulnerability. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nCore Security - Corelabs Advisory\nhttp://corelabs.coresecurity.com/\n\nCisco WebEx .wrf Memory Corruption Vulnerability\n\n\n\n1. *Advisory Information*\n\nTitle: Cisco WebEx .wrf Memory Corruption Vulnerability\nAdvisory ID: CORE-2012-0613\nAdvisory URL:\nhttp://www.coresecurity.com/content/webex-wrf-memory-corruption-vulnerability\nDate published: 2012-10-11\nDate of last update: 2012-09-13\nVendors contacted: Cisco\nRelease mode: Coordinated release\n\n\n\n2. *Vulnerability Information*\n\nClass: Access of Memory Location After End of Buffer [CWE-788]\nImpact: Code execution\nRemotely Exploitable: No\nLocally Exploitable: Yes\nCVE Name: CVE-2012-3939\n\n\n\n3. *Vulnerability Description*\n\nA vulnerability exists in atas32.dll affecting Cisco WebEx Player v3.26\nthat allows an attacker to corrupt memory, which may lead to code\nexecution in the context of the currently logged on user. \n\n\n4. 
*Vulnerable packages*\n\n . Cisco WebEx Player v3.26\n . Cisco Meeting Center and older versions of WebEx Player are\nprobably affected too, but they were not checked. \n\n\n5. *Vendor Information, Solutions and Workarounds*\n\nIf the Cisco WebEx WRF Player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when users\naccess a recording file that is hosted on a WebEx meeting site. A\nnon-vulnerable version of Cisco WebEx Player should be available at\nhttp://www.webex.com/downloadplayer.html. \n\n\n6. *Credits*\n\nThis vulnerability was discovered and researched by Oren Isacson. The\npublication of this advisory was coordinated by Fernando russ. \n\n\n7. *Technical Description / Proof of Concept*\n\nThe memory corruption is caused by a call to the memcpy function with an\ninvalid destination parameter. \n\nIn our proof of concept (POC), the destination parameter to the memcpy\nfunction points to unmapped memory. The source parameters points to\nvalid heap memory. The size parameter is equal to 540. As the\ndestination parameter is close to the top of the heap, and the source\nparameter points to data that may be user-controlled, this vulnerability\nmay be leveraged to execute code. \n\n\n8. *Report Timeline*\n\n. 2012-06-21:\nCore Security Technologies notifies Cisco Product Security Incident\nResponse Team of the vulnerability, including a brief description of the\nissue. 2012-06-21:\nCisco PSIRT acknowledges the receipt of the information. Vendor asks for\ndetailed technical information. 2012-06-21:\nCore sends a draft version of the advisory and a PoC .wrf file which\nreproduce the issue. 2012-06-25:\nCisco PSIRT asks for more information regarding the exact version of the\natas32.dll libary version. 2012-06-25:\nCore sends the requested information. 2012-07-11:\nCore notifies that the tentative publication deadline was missed and\nreschedule the publication for August 6th, 2012. 
2012-07-12:\nCisco PSIRT asks if the advisory publication can be hold until they have\nfinished its fixes. 2012-07-12:\nCore notifies that the current publication date is tentative and can be\nmoved while the new publication date keeps reasonable. 2012-07-16:\nCisco PSIRT informs that they can\u0027t be sure of having fixes sooner that\nbeginning of September. 2012-07-17:\nCore acknowledges the new timeframe for the publication and asks for a\nmore specific date. 2012-07-20:\nCisco PSIRT informs that the new publication date for the fixes and all\nthe related information regarding this vulnerability is September 12th,\n2012. 2012-07-23:\nCore Security Technologies acknowledges the new deadline for the\npublication. 2012-08-23:\nCisco PSIRT asks to postpone the publication date to October 10th, 2012. 2012-08-27:\nCore acknowledges the new deadline for the publication. 2012-09-12:\nPublication date confirmed on [2012-07-20] missed. 2012-10-11:\nAdvisory CORE-2012-0613 published. \n\n\n\n9. *About CoreLabs*\n\nCoreLabs, the research center of Core Security Technologies, is charged\nwith anticipating the future needs and requirements for information\nsecurity technologies. We conduct our research in several important\nareas of computer security including system vulnerabilities, cyber\nattack planning and simulation, source code auditing, and cryptography. \nOur results include problem formalization, identification of\nvulnerabilities, novel solutions and prototypes for new technologies. \nCoreLabs regularly publishes security advisories, technical papers,\nproject information and shared software tools for public use at:\nhttp://corelabs.coresecurity.com. \n\n\n10. *About Core Security Technologies*\n\nCore Security Technologies enables organizations to get ahead of threats\nwith security test and measurement solutions that continuously identify\nand demonstrate real-world exposures to their most critical assets. 
Our\ncustomers can gain real visibility into their security standing, real\nvalidation of their security controls, and real metrics to more\neffectively secure their organizations. \n\nCore Security\u0027s software solutions build on over a decade of trusted\nresearch and leading-edge threat expertise from the company\u0027s Security\nConsulting Services, CoreLabs and Engineering groups. Core Security\nTechnologies can be reached at +1 (617) 399-6980 or on the Web at:\nhttp://www.coresecurity.com. \n\n\n11. *Disclaimer*\n\nThe contents of this advisory are copyright (c) 2012 Core Security\nTechnologies and (c) 2012 CoreLabs, and are licensed under a Creative\nCommons Attribution Non-Commercial Share-Alike 3.0 (United States)\nLicense: http://creativecommons.org/licenses/by-nc-sa/3.0/us/\n\n\n12. *PGP/GPG Keys*\n\nThis advisory has been signed with the GPG key of Core Security\nTechnologies advisories team, which is available for download at\nhttp://www.coresecurity.com/files/attachments/core_security_advisories.asc. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.12 (Darwin)\nComment: Using GnuPG with Mozilla - http://www.enigmail.net/\n\niQEcBAEBAgAGBQJQdyjEAAoJEK6bq3WCdh+HiPEH+wVJOMXbci4VXZjJLKuabrM8\nsm2l7wdUx7ebPxm5wG05ns+9joRjtiXxXVSZWrpWtrKcTHlPWYm8iPYbnGGOi9vs\nNpFz+fMSncT/MIFhQBePJQkcPhEeqVEtdVc+DCXv+WfQ6MNxpbGhLj7O1mXxJOUN\n5aes2i8iBVxdzEPydVApG+Fz0YDeonlh7djEKwyUZCzHJlb7ZOUiKtaXLrWM7PLc\n+xzMLCaBzm+srm7mo/71nD7/OKcAfR14m8gixxPkjmdWjf831Sd5yeAzZF/o3bAG\nRTMsZ2WKNmYqWL+KbdMTmYhF0G2eM0jYmpdkXc7zUhb85GuHJD3PDAQGTjAZkjQ=\n=9sT3\n-----END PGP SIGNATURE-----\n\n\n. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57220" }, { "db": "PACKETSTORM", "id": "117362" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.16 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3939", "trust": 2.9 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "OSVDB", "id": "86138", "trust": 1.1 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005134", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-236", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "117362", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-57220", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57220" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "PACKETSTORM", "id": "117362" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "id": "VAR-201210-0316", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": 
"VHN-57220" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.365000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005134" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57220" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "NVD", "id": "CVE-2012-3939" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86138" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3939" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3939" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50905" }, { 
"trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.coresecurity.com/content/webex-wrf-memory-corruption-vulnerability" }, { "trust": 0.1, "url": "http://www.coresecurity.com/files/attachments/core_security_advisories.asc." }, { "trust": 0.1, "url": "http://www.enigmail.net/" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com/" }, { "trust": 0.1, "url": "http://www.webex.com/downloadplayer.html." }, { "trust": 0.1, "url": "http://www.coresecurity.com." }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2012-3939" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-nc-sa/3.0/us/" }, { "trust": 0.1, "url": "http://corelabs.coresecurity.com." }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57220" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "PACKETSTORM", "id": "117362" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", 
"id": "VHN-57220" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "db": "PACKETSTORM", "id": "117362" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3939" }, { "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57220" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "date": "2012-10-13T00:01:39", "db": "PACKETSTORM", "id": "117362" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { "date": "2012-10-25T14:55:03.717000", "db": "NVD", "id": "CVE-2012-3939" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57220" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005134" }, { "date": "2013-05-04T03:20:03.787000", "db": "NVD", "id": "CVE-2012-3939" }, { "date": "2012-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-236" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-236" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Vulnerable to buffer overflow", 
"sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005134" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-236" } ], "trust": 0.6 } }
var-201008-0394
Vulnerability from variot
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of strings defined within the ARF file format. Strings are typically prefixed by their valid length. By supplying a string much longer than the defined length, a heap overflow will occur which can be further leveraged to execute arbitrary code under the context of the current user. WebEx is the world's largest provider of network communication services, providing carrier-grade network conferencing solutions. WebEx has been acquired by Cisco. Cisco WebEx is prone to a remote code-execution vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition.
----------------------------------------------------------------------
Secunia receives Frost & Sullivan's Global 2010 Customer Value Enhancement Award
Secunia outshines its competitors and receives the Frost & Sullivan’s Global 2010 Customer Value Enhancement Award. Based on its recent analysis of the vulnerability research market, Frost & Sullivan concluded:
"Secunia provides tremendous value for their customers, end-users, and to other security vendors."
Read more: http://secunia.com/blog/117/
TITLE: Cisco WebEx Player ARF Parsing Buffer Overflow Vulnerability
SECUNIA ADVISORY ID: SA41039
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/41039/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=41039
RELEASE DATE: 2010-08-24
DISCUSS ADVISORY: http://secunia.com/advisories/41039/#comments
DESCRIPTION: A vulnerability has been reported in Cisco WebEx Player, which can be exploited by malicious people to compromise a user's system.
Successful exploitation may allow execution of arbitrary code.
SOLUTION: Reportedly fixed in version T27FR14. Contact the vendor for further information.
PROVIDED AND/OR DISCOVERED BY: Gabriel Menezes Nunes, reported via ZDI.
ORIGINAL ADVISORY: http://www.zerodayinitiative.com/advisories/ZDI-10-155/
ZDI-10-155: Cisco WebEx Player ARF String Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-10-155 August 23, 2010
-- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors: Cisco
-- Affected Products: Cisco WebEx
-- TippingPoint(TM) IPS Customer Protection: TippingPoint IPS customers have been protected against this vulnerability by Digital Vaccine protection filter ID 9936.
-- Vendor Response: Cisco states: This issue has been resolved in T27FR14, deployed to WebEx customers in April.
-- Disclosure Timeline: 2010-01-06 - Vulnerability reported to vendor; 2010-08-23 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by: * Gabriel Menezes Nunes
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201008-0394", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" 
}, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" } ], "sources": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "CNVD", "id": "CNVD-2010-3478" }, { "db": "BID", "id": "42620" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gabriel Menezes Nunes", "sources": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "BID", "id": "42620" } ], "trust": 1.0 }, "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { 
"acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 10.0, "id": "ZDI-10-155", "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "CNVD-2010-3478", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "ZDI", "id": "ZDI-10-155", "trust": 0.7, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2010-3478", "trust": 0.6, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "CNVD", "id": "CNVD-2010-3478" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists during the parsing of strings defined within the ARF file format. Strings are typically prefixed by their valid length. By supplying a string much longer than the defined length a heap overflow will occur which can be further leveraged to execute arbitrary code under the context of the current user. 
WebEx is the world\u0027s largest provider of network communication services, providing carrier-grade network conferencing solutions. WebEx has been acquired by Cisco. Cisco WebEx is prone to a remote code-execution vulnerability because the software fails to perform adequate boundary checks on user-supplied data. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial-of-service condition. ----------------------------------------------------------------------\n\n\nSecunia receives \u0027Frost \u0026 Sullivan\u0027s Global 2010 Customer Value Enhancement Award\n\nSecunia outshines its competitors and receives the Frost \u0026 Sullivan\u2019s Global 2010 Customer Value Enhancement Award. Based on its recent analysis of the vulnerability research market, Frost \u0026 Sullivan concluded:\n\n\"Secunia provides tremendous value for their customers, end-users, and to other security vendors.\"\n\nRead more: http://secunia.com/blog/117/\n\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player ARF Parsing Buffer Overflow Vulnerability\n\nSECUNIA ADVISORY ID:\nSA41039\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/41039/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41039\n\nRELEASE DATE:\n2010-08-24\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/41039/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/41039/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41039\n\nONLY AVAILABLE 
WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Cisco WebEx Player, which can be\nexploited by malicious people to compromise a user\u0027s system. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nSOLUTION:\nReportedly fixed in version T27FR14. Contact the vendor for further\ninformation. \n\nPROVIDED AND/OR DISCOVERED BY:\nGabriel Menezes Nunes, reported via ZDI. \n\nORIGINAL ADVISORY:\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-155/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/products/corporate/EVM/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. ZDI-10-155: Cisco WebEx Player ARF String Parsing Remote Code Execution Vulnerability\nhttp://www.zerodayinitiative.com/advisories/ZDI-10-155\nAugust 23, 2010\n\n-- CVSS:\n10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)\n\n-- Affected Vendors:\nCisco\n\n-- Affected Products:\nCisco WebEx\n\n-- TippingPoint(TM) IPS Customer Protection:\nTippingPoint IPS customers have been protected against this\nvulnerability by Digital Vaccine protection filter ID 9936. \n\n-- Vendor Response:\nCisco states:\nThis issue has been resolved in T27FR14, deployed to WebEx customers in\nApril. \n\n-- Disclosure Timeline:\n2010-01-06 - Vulnerability reported to vendor\n2010-08-23 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n * Gabriel Menezes Nunes\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents \na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. 
Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n_______________________________________________\nFull-Disclosure - We believe in it. \nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "CNVD", "id": "CNVD-2010-3478" }, { "db": "BID", "id": "42620" }, { "db": "PACKETSTORM", "id": "93017" }, { "db": "PACKETSTORM", "id": "92975" } ], "trust": 1.62 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "ZDI", "id": "ZDI-10-155", "trust": 1.2 }, { "db": "BID", "id": "42620", "trust": 0.9 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-627", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2010-3478", "trust": 0.6 }, { "db": "SECUNIA", "id": "41039", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "93017", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "92975", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "CNVD", "id": "CNVD-2010-3478" }, { "db": "BID", "id": "42620" }, { "db": "PACKETSTORM", "id": "93017" }, { "db": "PACKETSTORM", "id": "92975" } ] }, "id": "VAR-201008-0394", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2010-3478" } ], "trust": 1.1958333300000001 
}, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-3478" } ] }, "last_update_date": "2022-05-17T02:10:50.328000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Patch for Cisco WebEx ARF File Parsing Heap Overflow Vulnerability", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/35298" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-3478" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 0.6, "url": "http://www.securityfocus.com/bid/42620/info" }, { "trust": 0.4, "url": "http://www.zerodayinitiative.com/advisories/zdi-10-155/" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/41039/" }, { "trust": 0.1, "url": "http://secunia.com/products/corporate/evm/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=41039" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/blog/117/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/41039/#comments" }, { "trust": 0.1, "url": 
"http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.tippingpoint.com" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-10-155" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2010-3478" }, { "db": "BID", "id": "42620" }, { "db": "PACKETSTORM", "id": "93017" }, { "db": "PACKETSTORM", "id": "92975" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-10-155" }, { "db": "CNVD", "id": "CNVD-2010-3478" }, { "db": "BID", "id": "42620" }, { "db": "PACKETSTORM", "id": "93017" }, { "db": "PACKETSTORM", "id": "92975" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-08-23T00:00:00", "db": "ZDI", "id": "ZDI-10-155" }, { "date": "2010-08-23T00:00:00", "db": "CNVD", "id": "CNVD-2010-3478" }, { "date": "2010-08-23T00:00:00", "db": "BID", "id": "42620" }, { "date": "2010-08-25T05:38:54", "db": "PACKETSTORM", "id": "93017" }, { "date": "2010-08-24T00:17:30", "db": "PACKETSTORM", "id": "92975" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-08-23T00:00:00", "db": "ZDI", "id": "ZDI-10-155" }, { "date": "2010-08-23T00:00:00", "db": "CNVD", "id": "CNVD-2010-3478" }, { "date": "2010-08-23T00:00:00", "db": "BID", "id": "42620" } ] }, 
"threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "42620" } ], "trust": 0.3 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Player ARF String Parsing Remote Code Execution Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-10-155" } ], "trust": 0.7 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Boundary Condition Error", "sources": [ { "db": "BID", "id": "42620" } ], "trust": 0.3 } }
var-201810-0588
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Crafted data in an ARF file can trigger an integer underflow before a memory write operation. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0588", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.3, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 31", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "31.23.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.5" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.10" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "31" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "32" }, { "model": "webex business suite", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "33" }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.20" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.14" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.15" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.21" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.16" }, { "model": "webex business suite 31", "scope": "eq", "trust": 
0.6, "vendor": "cisco", "version": "31.19" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.17" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.23" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.18" }, { "model": "webex business suite 31", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "31.22" }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, 
{ "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", 
"scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], 
"cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.10", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.5", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_31:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "31.23.0", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15418" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Steven Seeley (mr_me) of Source Incite", "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" } ], "trust": 0.7 }, "cve": "CVE-2018-15418", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": 
"https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15418", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "PARTIAL", "baseScore": 5.1, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-15418", "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "MEDIUM", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125675", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": 
"AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15418", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15418", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15418", "trust": 0.7, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201810-208", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125675", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "VULHUB", "id": "VHN-125675" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. 
The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). Crafted data in an ARF file can trigger an integer underflow before a memory write operation. \nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125675" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15418", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010859", "trust": 0.8 }, { "db": "ZDI_CAN", 
"id": "ZDI-CAN-6313", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1121", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201810-208", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125675", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "VULHUB", "id": "VHN-125675" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "id": "VAR-201810-0588", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125675" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:01:09.705000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85422" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-191", "trust": 1.1 }, { "problemtype": "CWE-20", "trust": 0.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125675" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" } ] }, 
"references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15418" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15418" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "VULHUB", "id": "VHN-125675" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1121" }, { "db": "VULHUB", "id": "VHN-125675" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "db": "NVD", "id": "CVE-2018-15418" }, { "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1121" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125675" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "date": "2018-10-05T14:29:10.403000", "db": "NVD", "id": "CVE-2018-15418" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "sources_update_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1121" }, { "date": "2020-09-14T00:00:00", "db": "VULHUB", "id": "VHN-125675" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-26T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010859" }, { "date": "2020-09-14T20:20:14.083000", "db": "NVD", "id": "CVE-2018-15418" }, { "date": "2022-03-18T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-208" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-208" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010859" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "digital error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-208" } ], "trust": 0.6 } }
var-201210-0318
Vulnerability from variot
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by the US company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play back WebEx meeting recordings that participants have saved on their computers. The issue is triggered when a user opens a crafted WRF file in the player, and the record lists client builds T28.4 (28.4) and T27LDSP32EP10 (27.32.10) as the fixed versions.
----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DISCUSS ADVISORY: http://secunia.com/advisories/50905/#comments
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * T28 client builds prior to T28.4 (28.4) * T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0318", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3941" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3941", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3941", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57222", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3941", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-238", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57222", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57222" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play the WebEx meeting records recorded by participants on their computers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57222" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3941", "trust": 2.8 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "OSVDB", "id": "86140", "trust": 1.1 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005136", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-238", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-57222", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57222" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "id": "VAR-201210-0318", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-57222" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.466000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005136" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57222" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "NVD", "id": "CVE-2012-3941" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86140" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3941" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3941" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50905" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { 
"trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57222" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-57222" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3941" }, { "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57222" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { "date": "2012-10-25T14:55:03.813000", "db": "NVD", "id": "CVE-2012-3941" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, 
"sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57222" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005136" }, { "date": "2013-05-04T03:20:03.957000", "db": "NVD", "id": "CVE-2012-3941" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-238" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-238" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Heap-based buffer overflow vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005136" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-238" } ], "trust": 0.6 } }
var-201805-0523
Vulnerability from variot
A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WRF Player. An attacker could exploit this vulnerability by utilizing a maliciously crafted file that could bypass checks in the code and enable an attacker to read memory from outside the bounds of the mapped file. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCvh89107, CSCvh89113, CSCvh89132, CSCvh89142. The vendor has confirmed this vulnerability and released it as Bug IDs CSCvh89107, CSCvh89113, CSCvh89132, and CSCvh89142. Information may be obtained. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger a read past the end of a mapped view of a file. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Note that the NVD CVSS vectors recorded in this entry list user interaction as not required, which differs from the file-open prerequisite described above.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201805-0523", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings online", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t31.20" }, { "model": "webex meetings online", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t31.20.2" }, { "model": "webex", "scope": null, "trust": 1.4, 
"vendor": "cisco", "version": null }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex wrf player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "BID", "id": "104091" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:t31.20.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0288" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Anonymous", "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" } ], "trust": 1.4 }, "cve": "CVE-2018-0288", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": 
"https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "NONE", "baseScore": 2.6, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 4.9, "id": "CVE-2018-0288", "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "LOW", "trust": 1.4, "userInteractionRequired": null, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 2.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.0, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2018-0288", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-118490", "impactScore": 2.9, "integrityImpact": "NONE", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:N/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 3.9, "impactScore": 1.4, "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 5.3, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-0288", "impactScore": null, "integrityImpact": "None", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0288", "trust": 1.8, "value": "MEDIUM" }, { "author": "ZDI", "id": "CVE-2018-0288", "trust": 1.4, "value": "LOW" }, { "author": "CNNVD", "id": "CNNVD-201805-073", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-118490", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "VULHUB", "id": "VHN-118490" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in Cisco WebEx Recording Format (WRF) Player could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw in Cisco WRF Player. An attacker could exploit this vulnerability by utilizing a maliciously crafted file that could bypass checks in the code and enable an attacker to read memory from outside the bounds of the mapped file. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, and Cisco WebEx WRF players. Cisco Bug IDs: CSCvh89107, CSCvh89113, CSCvh89132, CSCvh89142. Vendors have confirmed this vulnerability Bug ID CSCvh89107 , CSCvh89113 , CSCvh89132 ,and CSCvh89142 It is released as.Information may be obtained. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the processing of WRF files. Crafted data in a WRF file can trigger a read past the end of a mapped view of a file. 
An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process", "sources": [ { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "BID", "id": "104091" }, { "db": "VULHUB", "id": "VHN-118490" } ], "trust": 3.24 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0288", "trust": 4.2 }, { "db": "BID", "id": "104091", "trust": 2.0 }, { "db": "SECTRACK", "id": "1040825", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-004923", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5599", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-425", "trust": 0.7 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-5598", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-424", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201805-073", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118490", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "VULHUB", "id": "VHN-118490" }, { "db": "BID", "id": "104091" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "id": "VAR-201805-0523", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118490" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:18:51.230000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Cisco has issued an update to correct this vulnerability.", "trust": 1.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id" }, { "title": "cisco-sa-20180502-webex-id", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id#vp" }, { "title": "Cisco WebEx Business Suite meeting sites and WebEx Meetings sites WebEx Recording Format Player Information disclosure vulnerability Repair measures", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=79809" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-200", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118490" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.4, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180502-webex-id" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/104091" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1040825" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0288" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0288" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": 
"ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "VULHUB", "id": "VHN-118490" }, { "db": "BID", "id": "104091" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" }, { "db": "VULHUB", "id": "VHN-118490" }, { "db": "BID", "id": "104091" }, { "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "db": "NVD", "id": "CVE-2018-0288" }, { "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-05-14T00:00:00", "db": "ZDI", "id": "ZDI-18-425" }, { "date": "2018-05-14T00:00:00", "db": "ZDI", "id": "ZDI-18-424" }, { "date": "2018-05-02T00:00:00", "db": "VULHUB", "id": "VHN-118490" }, { "date": "2018-05-02T00:00:00", "db": "BID", "id": "104091" }, { "date": "2018-06-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "date": "2018-05-02T22:29:01.387000", "db": "NVD", "id": "CVE-2018-0288" }, { "date": "2018-05-03T00:00:00", "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-05-14T00:00:00", "db": "ZDI", "id": "ZDI-18-425" }, { "date": "2018-05-14T00:00:00", "db": "ZDI", "id": "ZDI-18-424" }, { "date": "2020-09-04T00:00:00", "db": "VULHUB", "id": "VHN-118490" }, { "date": "2018-05-02T00:00:00", "db": "BID", "id": "104091" }, { "date": "2018-06-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-004923" }, { "date": "2020-09-04T18:34:06.920000", "db": "NVD", "id": "CVE-2018-0288" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201805-073" } ] }, "threat_type": { 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201805-073" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recorder and Player WRF File Length Field Out-Of-Bounds Read Information Disclosure Vulnerability", "sources": [ { "db": "ZDI", "id": "ZDI-18-425" }, { "db": "ZDI", "id": "ZDI-18-424" } ], "trust": 1.4 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "information disclosure", "sources": [ { "db": "CNNVD", "id": "CNNVD-201805-073" } ], "trust": 0.6 } }
var-201810-0624
Vulnerability from variot
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exists because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player contain an input validation vulnerability. Information may be obtained, information may be altered, and the service may be put into a denial-of-service (DoS) state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. These issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201810-0624", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.9, "vendor": "cisco", "version": "2.7" }, { "model": "webex meetings server", "scope": "eq", "trust": 
1.9, "vendor": "cisco", "version": "2.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "2.7.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex business suite 33", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "33.3" }, { "model": "webex meetings server", "scope": "eq", "trust": 1.0, "vendor": "cisco", "version": "2.5.1.29" }, { "model": "webex meetings online", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite 32", "scope": "lt", "trust": 1.0, "vendor": "cisco", "version": "32.15.30" }, { "model": "webex business suite", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex network recording player", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings server 3.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr1", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.01" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "3.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.2039" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1034" }, { "model": "webex meetings server", "scope": "eq", 
"trust": 0.3, "vendor": "cisco", "version": "2.8.1.1023" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8.1.1019" }, { "model": "webex meetings server sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.81" }, { "model": "webex meetings server mr2", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.8" }, { "model": "webex meetings server 2.7mr2 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.7.1.3047" }, { "model": "webex meetings server 2.6mr3 sp", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "4" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.1.30" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.6.0.8" }, { "model": "webex meetings server 2.5mr6 patch", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "6" }, { "model": "webex meetings server 2.5mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.99.2" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5.0.997" }, { "model": "webex meetings server mr1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server base", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.5" }, { "model": "webex meetings server 2.0mr2", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "2.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": 
"cisco", "version": "1.5.1.6" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5.1.131" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.6)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5(.1.131)" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.5" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.1" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.0" }, { "model": "webex meetings server", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "1.3.35" }, { "model": "webex meetings online", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex business suite wbs33", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex meetings server 3.0mr2 patch", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1" }, { "model": "webex meetings online", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "1.3.37" }, { "model": "webex business suite wbs33.4", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs32.15.20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex business suite wbs31.23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" 
}, { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_online:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "1.3.37", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5.1.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:base:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release1_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": 
true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release6_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.5:maintenance_release5_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release3_patch2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings_server:2.6:maintenance_release2_patch1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_32:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "32.15.30", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_business_suite_33:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "33.3", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-15408" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Michael Flanders of Trend Micro Zero Day Initiative", "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" } ], "trust": 0.7 }, "cve": "CVE-2018-15408", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2018-15408", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 1.5, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-125664", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": 
"HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2018-15408", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-15408", "trust": 1.8, "value": "HIGH" }, { "author": "ZDI", "id": "CVE-2018-15408", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201810-199", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-125664", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "VULHUB", "id": "VHN-125664" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. 
An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system. Cisco Webex Network Recording Player and Webex Player Contains an input validation vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. \nThese issues are being tracked by Cisco Bug IDs CSCvj83752, CSCvj83767, CSCvj83771, CSCvj83793, CSCvj83797, CSCvj83803, CSCvj83818, CSCvj83824, CSCvj83831, CSCvj87929, CSCvj87934, CSCvj93870, CSCvj93877, CSCvk31089, CSCvk33049, CSCvk52510, CSCvk52518, CSCvk52521, CSCvk59945, CSCvk59949, CSCvk59950, CSCvk60158, CSCvk60163, CSCvm51315, CSCvm51318, CSCvm51361, CSCvm51371, CSCvm51373, CSCvm51374, CSCvm51382, CSCvm51386, CSCvm51391, CSCvm51393, CSCvm51396, CSCvm51398, CSCvm51412, CSCvm51413, CSCvm54531, and CSCvm54538", "sources": [ { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "BID", "id": "105520" }, { "db": "VULHUB", "id": "VHN-125664" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-15408", "trust": 3.5 }, { "db": "BID", "id": "105520", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041795", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-010558", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-6318", "trust": 0.7 }, { "db": "ZDI", "id": "ZDI-18-1122", "trust": 0.7 }, { "db": 
"CNNVD", "id": "CNNVD-201810-199", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-125664", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "VULHUB", "id": "VHN-125664" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "id": "VAR-201810-0624", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-125664" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:01:09.411000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20181003-webex-rce", "trust": 1.5, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "title": "Cisco Webex Network Recording Player and Webex Player Enter the fix for the verification vulnerability", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=85413" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-125664" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "NVD", "id": "CVE-2018-15408" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", 
"@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20181003-webex-rce" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/105520" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041795" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-15408" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-15408" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "VULHUB", "id": "VHN-125664" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-18-1122" }, { "db": "VULHUB", "id": "VHN-125664" }, { "db": "BID", "id": "105520" }, { "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "db": "NVD", "id": "CVE-2018-15408" }, { "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": "ZDI-18-1122" }, { "date": "2018-10-05T00:00:00", "db": "VULHUB", "id": "VHN-125664" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "date": "2018-10-05T14:29:09.247000", "db": "NVD", "id": "CVE-2018-15408" }, { "date": "2018-10-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-08T00:00:00", "db": "ZDI", "id": 
"ZDI-18-1122" }, { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-125664" }, { "date": "2018-10-03T00:00:00", "db": "BID", "id": "105520" }, { "date": "2018-12-17T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-010558" }, { "date": "2019-10-09T23:35:33.217000", "db": "NVD", "id": "CVE-2018-15408" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201810-199" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-199" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco Webex Network Recording Player and Webex Player Input validation vulnerability", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-010558" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "input validation error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201810-199" } ], "trust": 0.6 } }
var-201102-0308
Vulnerability from variot
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com
If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3. Customers who have contractual agreements that prevent WebEx from automatically upgrading a recording player to the latest version should contact their account manager to determine upgrade options.
To determine whether a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html
Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF and ARF file formats are used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players are applications that are used to play back and edit recording files (files with .wrf and .arf extensions). The recording players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server (for stream playback mode). The recording players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
To exploit one of these vulnerabilities, the player application would need to open a malicious WRF or ARF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page. The vulnerability cannot be triggered by users who are attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2010-3269
- CVE-2010-3041
- CVE-2010-3042
- CVE-2010-3043
- CVE-2010-3044
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3 (Access Vector: Network; Access Complexity: Medium; Authentication: None; Confidentiality Impact: Complete; Integrity Impact: Complete; Availability Impact: Complete)
CVSS Temporal Score - 7.7 (Exploitability: Functional; Remediation Level: Official-Fix; Report Confidence: Confirmed)
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. For customers who are running T27LC SP22, the client build will be represented as 27.22SP.0.9253. The fix for customers who are running T27LB SP21 will be deployed by WebEx over the next few weeks. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release 27.22SP.0 is fixed, release 27.22SP.1 will also have the software fix.
If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.
If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability described in this advisory.
These vulnerabilities were either found during internal testing or reported to Cisco by a variety of sources, including Core Security, TippingPoint, and Fortinet's FortiGuard Labs.
Cisco would like to thank these organizations for reporting these vulnerabilities.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
Revision 1.0 | 2011-Feb-01 | Initial public release.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E M8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS =Ur/Y -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0308", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex recording 
format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex 27lc sp22", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": 
"26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os 27lc sp22", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3042" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico MuttisTippingPoint \u003chttp://www.tippingpoint.com/\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-029" } ], "trust": 0.6 }, "cve": "CVE-2010-3042", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", 
"availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3042", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-45647", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3042", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-029", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-45647", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45647" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple buffer 
overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on the computer of\nan on-line meeting attendee. The players can be automatically\ninstalled when the user accesses a recording file that is hosted on a\nWebEx server. The player can also be manually installed for offline\nplayback after downloading the application from www.webex.com\n\nIf the WebEx recording player was automatically installed, it will be\nautomatically upgraded to the latest, non-vulnerable version when\nusers access a recording file that is hosted on a WebEx server. If\nthe WebEx recording player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nrecording players. Microsoft Windows, Apple Mac OS X, and Linux\nversions of the player are all affected. Affected versions of the\nplayers are those prior to client builds T27LC SP22 and T27LB SP21\nEP3. 
Customers who have contractual agreements that prevent WebEx\nfrom automatically upgrading a recording player to the latest version\nshould contact their account manager to determine upgrade options. \n\nTo determine whether a Cisco WebEx server is running an affected\nversion of the WebEx client build, users can log in to their Cisco\nWebEx server and go to the Support \u003e Downloads section. The version\nof the WebEx client build will be displayed on the right side of the\npage under \"About Support Center.\" See \"Software Versions and Fixes\"\nfor details. \n\nCisco recommends that users upgrade to the most current version of\nthe player that is available from www.webex.com/downloadplayer.html\n\n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF and\nARF file formats are used to store WebEx meeting recordings that have\nbeen recorded on the computer of an on-line meeting attendee. The\nplayers are applications that are used to play back and edit\nrecording files (files with .wrf and .arf extensions). The recording\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx server (for stream playback\nmode). The recording players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html\nto play back recording files locally (for offline\nplayback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF and ARF\nplayers. The vulnerabilities may lead to a crash of the player\napplication or, in some cases, remote code execution could occur. \n\nTo exploit one of these vulnerabilities, the player application would\nneed to open a malicious WRF or ARF file. 
An attacker may be able to\naccomplish this exploit by providing the malicious recording file\ndirectly to users (for example, by using e-mail) or by directing a\nuser to a malicious web page. The vulnerability cannot be triggered\nby users who are attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2010-3269\n * CVE-2010-3041\n * CVE-2010-3042\n * CVE-2010-3043\n * CVE-2010-3044\n\nVulnerability Scoring Details\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss \n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx ARF Player or WRF\nPlayer application and, in some cases, allow a remote attacker to\nexecute arbitrary code on the system with the privileges of the user\nwho is running the recording player application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult http://www.cisco.com/go/psirt\nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nThese vulnerabilities are first fixed in T27LC SP22 and T27LB SP21\nEP3. For customers who are running T27LC SP22, the client build will\nbe represented as 27.22SP.0.9253. The fix for customers who are\nrunning T27LB SP21 will be deployed by WebEx over the next few weeks. \nThe client build will be determined after the software is deployed. \n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. For example, if release 27.22SP.0 is fixed,\nrelease 27.22SP.1 will also have the software fix. 
\n\nIf a recording player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx server. \n\nIf a WebEx recording player was manually installed, users will need\nto manually install a new version of the player after downloading the\nlatest version from www.webex.com/downloadplayer.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. \n\nThese vulnerabilities were either found during internal testing or\nreported to Cisco by a variety of sources, including Core Security,\nTippingPoint, and Fortinet\u0027s FortiGuard Labs. \n\nCisco would like to thank these organizations for reporting these\nvulnerabilities. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at :\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-01 | public |\n| | | release. 
|\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at \nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\n\niF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E\nM8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS\n=Ur/Y\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "BID", "id": "46075" }, { "db": "VULHUB", "id": "VHN-45647" }, { "db": "PACKETSTORM", "id": "98073" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3042", "trust": 2.9 }, { "db": "BID", "id": "46075", "trust": 2.0 }, { "db": "SECTRACK", "id": "1025016", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003858", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-029", "trust": 0.7 }, { "db": "CISCO", "id": "20110201 MULTIPLE CISCO WEBEX PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "XF", "id": "65073", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16391", "trust": 0.6 }, { "db": "VULHUB", "id": 
"VHN-45647", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "98073", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45647" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "id": "VAR-201102-0308", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-45647" } ], "trust": 0.7453525499999999 }, "last_update_date": "2023-12-18T12:58:25.516000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1103/1103539_cisco-sa-20110201-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003858" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45647" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "NVD", "id": "CVE-2010-3042" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46075" }, { 
"trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22016" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025016" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3042" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3042" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/65073" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16391" }, { "trust": 0.4, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml" }, { "trust": 0.3, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3043" }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml." }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3041" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3042" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." 
}, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45647" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-45647" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3042" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45647" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "date": "2011-02-02T02:55:23", "db": "PACKETSTORM", "id": "98073" }, { "date": "2011-02-02T23:00:31.050000", "db": "NVD", "id": "CVE-2010-3042" }, { "date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-029" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-45647" }, { "date": "2011-02-01T16:20:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003858" }, { "date": "2017-08-17T01:32:54.117000", "db": "NVD", "id": "CVE-2010-3042" }, { "date": "2011-02-10T00:00:00", "db": "CNNVD", "id": 
"CNNVD-201102-029" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98073" }, { "db": "CNNVD", "id": "CNNVD-201102-029" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WRF and ARF Player T27LB Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003858" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-029" } ], "trust": 0.6 } }
var-201210-0315
Vulnerability from variot
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of web conferencing tools developed by the American company Cisco that helps office workers in different locations coordinate and cooperate. WebEx services include web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play back the WebEx meeting recordings that participants recorded on their computers. ----------------------------------------------------------------------
TITLE: Cisco WebEx Recording Format Player Multiple Vulnerabilities
SECUNIA ADVISORY ID: SA50905
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
RELEASE DATE: 2012-10-11
DISCUSS ADVISORY: http://secunia.com/advisories/50905/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/50905/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=50905
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Multiple vulnerabilities have been reported in Cisco WebEx Recording Format Player, which can be exploited by malicious people to compromise a user's system.
1) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
2) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
3) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
4) An unspecified error can be exploited to corrupt memory via a specially crafted WRF file.
5) An unspecified error can be exploited to cause a buffer overflow via a specially crafted WRF file.
6) An unspecified error can be exploited to cause a heap-based buffer overflow via a specially crafted WRF file.
Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
The vulnerabilities are reported in the following versions: * T28 client builds prior to T28.4 (28.4) * T27 client builds prior to T27LDSP32EP10 (27.32.10)
SOLUTION: Update to version 28.4 or 27.32.10.
Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
PROVIDED AND/OR DISCOVERED BY: The vendor credits Beyond Security, Core Security, Codenomicon, and TELUS.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keep their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201210-0315", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.25.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.21.10" }, { "model": "webex recording format player", "scope": "eq", 
"trust": 1.6, "vendor": "cisco", "version": "27.32.1" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "28.0.0" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t28 client build" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 client build" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t28.4 (28.4)" }, { "model": "webex recording format player", "scope": "eq", "trust": 0.8, "vendor": "cisco", "version": "t27ldsp32ep10 (27.32.10)" }, { "model": "webex t27 ld sp32 cp1", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 ld sp32", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep9", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lc sp25 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 lb sp21 ep10", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 l sp11 ep26", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": null, "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os t27 sp28", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, 
{ "model": "webex (mac os t27 sp23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32 cp1", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 ld sp32", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep9", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lc sp25 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 lb sp21 ep10", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 l sp11 ep26", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex t27 sp28", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": null, "trust": 0.3, "vendor": "cisco", "version": null } ], "sources": [ { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "configurations": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2012-3938" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Beyond Security, Core Security, Codenomicon, and TELUS", "sources": [ { "db": "BID", "id": "55866" } ], "trust": 0.3 }, "cve": "CVE-2012-3938", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { 
"cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2012-3938", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-57219", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2012-3938", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201210-235", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-57219", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-57219" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", 
"sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583. Cisco WebEx is prone to multiple remote memory-corruption vulnerabilities. \nAn attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM). Cisco WebEx Player is used to play the WebEx meeting records recorded by participants on their computers. ----------------------------------------------------------------------\n\nThe final version of the CSI 6.0 has been released. 
\nFind out why this is not just another Patch Management solution: http://secunia.com/blog/325/\n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Recording Format Player Multiple Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA50905\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/50905/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nRELEASE DATE:\n2012-10-11\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/50905/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/50905/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nMultiple vulnerabilities have been reported in Cisco WebEx Recording\nFormat Player, which can be exploited by malicious people to\ncompromise a user\u0027s system. \n\n1) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n2) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n3) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. \n\n4) An unspecified error can be exploited to corrupt memory via a\nspecially crafted WRF file. \n\n5) An unspecified error can be exploited to cause a buffer overflow\nvia a specially crafted WRF file. 
\n\n6) An unspecified error can be exploited to cause a heap-based buffer\noverflow via a specially crafted WRF file. \n\nSuccessful exploitation of the vulnerabilities may allow execution of\narbitrary code. \n\nThe vulnerabilities are reported in the following versions:\n* T28 client builds prior to T28.4 (28.4)\n* T27 client builds prior to T27LDSP32EP10 (27.32.10)\n\nSOLUTION:\nUpdate to version 28.4 or 27.32.10. \n\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nPROVIDED AND/OR DISCOVERED BY:\nThe vendor credits Beyond Security, Core Security, Codenomicon, and\nTELUS. \n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. 
\n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "BID", "id": "55866" }, { "db": "VULHUB", "id": "VHN-57219" }, { "db": "PACKETSTORM", "id": "117325" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2012-3938", "trust": 2.8 }, { "db": "BID", "id": "55866", "trust": 1.4 }, { "db": "SECTRACK", "id": "1027639", "trust": 1.1 }, { "db": "OSVDB", "id": "86143", "trust": 1.1 }, { "db": "JVNDB", "id": "JVNDB-2012-005133", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201210-235", "trust": 0.7 }, { "db": "SECUNIA", "id": "50905", "trust": 0.7 }, { "db": "CISCO", "id": "20121010 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT PLAYER", "trust": 0.6 }, { "db": "VULHUB", "id": "VHN-57219", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "117325", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57219" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "id": "VAR-201210-0315", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-57219" } ], "trust": 0.69583333 }, "last_update_date": "2023-12-18T13:09:37.434000Z", "patch": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "title": "27109", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=27109" }, { "title": "cisco-sa-20121010-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/111/1116/1116639_cisco-sa-20121010-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005133" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-57219" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "NVD", "id": "CVE-2012-3938" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20121010-webex" }, { "trust": 1.1, "url": "http://www.securityfocus.com/bid/55866" }, { "trust": 1.1, "url": "http://osvdb.org/86143" }, { "trust": 1.1, "url": "http://www.securitytracker.com/id?1027639" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3938" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3938" }, { "trust": 0.6, "url": "http://secunia.com/advisories/50905" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { 
"trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=50905" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/blog/325/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/50905/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-57219" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-57219" }, { "db": "BID", "id": "55866" }, { "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "db": "PACKETSTORM", "id": "117325" }, { "db": "NVD", "id": "CVE-2012-3938" }, { "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2012-10-25T00:00:00", "db": "VULHUB", "id": "VHN-57219" }, { "date": "2012-10-10T00:00:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "date": "2012-10-11T10:07:14", "db": "PACKETSTORM", "id": "117325" }, { "date": "2012-10-25T14:55:03.670000", "db": "NVD", "id": "CVE-2012-3938" }, { "date": "2012-10-16T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, 
"sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-04T00:00:00", "db": "VULHUB", "id": "VHN-57219" }, { "date": "2015-03-19T09:16:00", "db": "BID", "id": "55866" }, { "date": "2012-10-29T00:00:00", "db": "JVNDB", "id": "JVNDB-2012-005133" }, { "date": "2013-05-04T03:20:03.717000", "db": "NVD", "id": "CVE-2012-3938" }, { "date": "2012-10-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201210-235" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-235" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format Player Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2012-005133" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201210-235" } ], "trust": 0.6 } }
var-201110-0222
Vulnerability from variot
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in ATAS32.DLL during the parsing of values defined within the WRF file format. The vulnerable code trusts the linesProcessed value from the file, and uses it in some logic to determine the destination pointer for a memcpy. When an overly large linesProcessed value is supplied, the subtraction causes an integer underflow and gives an attacker control of the destination buffer pointer. This can be further leveraged to execute arbitrary code under the context of the current user. Cisco WebEx is a web conferencing solution. The flaw is in how ATAS32.DLL parses values defined in the WRF file format: a large linesProcessed value is subtracted without being validated. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. More details can be found at:
http://www.cisco.com/go/psirt
-- Disclosure Timeline: 2011-05-12 - Vulnerability reported to vendor 2011-10-26 - Coordinated public release of advisory
-- Credit: This vulnerability was discovered by:
-
Aniway (Aniway.Anyway@gmail.com)
-
Anonymous
-- About the Zero Day Initiative (ZDI): Established by TippingPoint, The Zero Day Initiative (ZDI) represents a best-of-breed model for rewarding security researchers for responsibly disclosing discovered vulnerabilities.
Researchers interested in getting paid for their security research through the ZDI can find more information and sign-up at:
http://www.zerodayinitiative.com
The ZDI is unique in how the acquired vulnerability information is used. TippingPoint does not re-sell the vulnerability details or any exploit code. Instead, upon notifying the affected product vendor, TippingPoint provides its customers with zero day protection through its intrusion prevention technology. Explicit details regarding the specifics of the vulnerability are not exposed to any parties until an official vendor patch is publicly available. Furthermore, with the altruistic aim of helping to secure a broader user base, TippingPoint provides this vulnerability information confidentially to security vendors (including competitors) who have a vulnerability protection or mitigation product.
Our vulnerability disclosure policy is available online at:
http://www.zerodayinitiative.com/advisories/disclosure_policy/
Follow the ZDI on Twitter:
http://twitter.com/thezdi
. ----------------------------------------------------------------------
TITLE: Cisco WebEx Player WRF File Processing Vulnerabilities
SECUNIA ADVISORY ID: SA46607
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46607
RELEASE DATE: 2011-10-28
DISCUSS ADVISORY: http://secunia.com/advisories/46607/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/46607/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=46607
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: Two vulnerabilities have been reported in Cisco WebEx Player, which can be exploited by malicious people to compromise a user's system.
SOLUTION: Update to a fixed version (Please see the vendor's advisory for details).
PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits TippingPoint. 2) Aniway and Anonymous via ZDI.
ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-308/
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site. The players can also be manually installed for offline playback after downloading the application from www.webex.com
If the WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site. If the WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
Note: Effective October 18, 2011, Cisco moved the current list of Cisco Security Advisories and Responses published by Cisco PSIRT. The new location is http://tools.cisco.com/security/center/publicationListing You can also navigate to this page from the Cisco Products and Services menu of the Cisco Security Intelligence Operations (SIO) Portal. Following this transition, new Cisco Security Advisories and Responses will be published to the new location. Although the URL has changed, the content of security documents and the vulnerability policy are not impacted. Cisco will continue to disclose security vulnerabilities in accordance with the published Security Vulnerability Policy.
Affected Products
The vulnerabilities disclosed in this advisory affect the Cisco WRF players. The Microsoft Windows, Apple Mac OS X, and Linux versions of the players are all affected. Review the following table for the list of releases that contain the nonvulnerable code. Affected versions of the players are those prior to client build T26 SP49 EP40 and T27 SP28. These build numbers are available only to WebEx site administrators. End users will see a version such as "Client build: 27.25.4.11889." This indicates the server is running software version T27 SP25 EP4.
To determine whether a Cisco WebEx meeting site is running an affected version of the WebEx client build, users can log in to their Cisco WebEx meeting site and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html. If the player is no longer needed, it can be removed using the "Mac Cisco-WebEx Uninstaller" or "Meeting Services Removal tool" available at support.webex.com/support/downloads.html.
Users can manually verify the installed version of the WRF player to determine whether it is affected by these vulnerabilities. To do so, an administrator must examine the version numbers of the installed files and determine whether the version of the file contains the fixed code. Detailed instructions on how to verify the version numbers are provided in the following sections.
The following tables provide the first nonvulnerable version of each object.
Microsoft Windows +---------------- Two dynamically linked libraries (DLLs) were updated on the Microsoft Windows platform to address the vulnerabilities that are described in this advisory. These files are in the folder C:\Program Files\WebEx\Record Playback or C:\Program Files (x86)\Webex\Record Player. The version number of a DLL can be obtained by browsing the Record Playback directory in Windows Explorer, right-clicking on the file name, and choosing Properties. The Version or Details tab of the Properties page provides details on the library version. The following table gives the first fixed version number for each DLL. If the installed versions are equal to or greater than the versions provided in the table, the system is not vulnerable.
+----------------------------------------------------------------------------+
| Library      | T26 SP49    | T27 SP11   | T27 SP21 | T27 SP25 | T27 SP28   |
|              | EP40        | EP26       | EP9      | EP3      |            |
|--------------+-------------+------------+----------+----------+------------|
| atas32.dll   | Not         | 2.6.11.0   | 2.6.21.5 | 2.6.25.0 | 2.6.28.0   |
|              | vulnerable  |            |          |          |            |
|--------------+-------------+------------+----------+----------+------------|
| atdl2006.dll | 2.5.49.4000 | 2.6.1123.1 | 2.6.21.1 | 2.6.20.0 | Not        |
|              |             |            |          |          | vulnerable |
+----------------------------------------------------------------------------+
Mac +-- A package bundle was updated on the Macintosh platform to address the vulnerabilities that are described in this advisory. This file is in each user's home directory, which can be accessed in ~/Library/Application Support/WebEx Folder/824 for systems connected to servers running T26 and ~/Library/Application Support/WebEx Folder/924 for systems connected to servers running T27. The version can be obtained by browsing to the appropriate folder in Finder and control-clicking the filename. When the menu is displayed, select show package contents and then double-click the Info.plist file. The version number is shown at the bottom of the displayed table.
+-------------------------------------------------------------------------------+
| Bundle            | T26 SP49  | T27 SP11   | T27 SP21  | T27 SP25 | T27 SP28   |
|                   | EP40      | EP26       | EP9       | EP3      |            |
|-------------------+-----------+------------+-----------+----------+------------|
| asplayback.bundle | 6.0.49.40 | 6.10.11.25 | 6.10.21.9 | 6.0.25.3 | 5.25.27.28 |
+-------------------------------------------------------------------------------+
Linux
A shared object was updated on the Linux platform to address the vulnerabilities that are described in this advisory. This file is in the ~/.webex directory. The version number of the shared object can be obtained by performing a directory listing with the ls command. The version number is provided after the .so extension.
+---------------------------------------------------------------------------+
| Shared     | T26 SP49  | T27 SP11   | T27 SP21  | T27 SP25   | T27 SP28   |
| Object     | EP40      | EP26       | EP9       | EP3        |            |
|------------+-----------+------------+-----------+------------+------------|
| atascli.so | 1.0.26.41 | 1.11.27.15 | 1.0.27.17 | 1.25.27.17 | 1.28.27.17 |
+---------------------------------------------------------------------------+
Vulnerable Products +------------------
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF file format is used to store WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. The players are applications that are used to play back and edit recording files (files with a .wrf extension). The WRF players can be automatically installed when the user accesses a recording file that is hosted on a WebEx meeting site (for stream playback mode). The WRF players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode). The vulnerabilities cannot be triggered by users who are attending a WebEx meeting.
Vulnerability Scoring Details +----------------------------
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at: http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at: http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - Complete
    Availability Impact - Complete

CVSS Temporal Score - 7.7
    Exploitability - Functional
    Remediation Level - Official-Fix
    Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could cause the Cisco WRF player application to crash and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the WRF player application.
Software Versions and Fixes
When considering software upgrades, also consult: http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in the following versions:
- T26 SP49 EP40
- T27 FR20
- T27 SP11 EP23
- T27 SP21 EP9
- T27 SP23
- T27 SP25 EP3
- T27 SP28
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release T27 SP22 EP9 is fixed, release T27 SP22 EP23 will also have the software fix. End users will see a version such as "Client build: 27.25.4.11889." This indicates the server is running software version T27 SP25 EP4.
If a WRF player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx meeting site.
If a WRF player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html. If the player is no longer needed, it can be removed using the "Mac Cisco-WebEx Uninstaller" or "Meeting Services Removal tool" available at support.webex.com/support/downloads.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at: http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html or as otherwise set forth at Cisco.com Downloads at: http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Customers with Service Contracts +-------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Customers using Third Party Support Organizations +------------------------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Customers without Service Contracts +----------------------------------
This section does not apply for vulnerabilities in Cisco WebEx products.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were reported to Cisco by TippingPoint. Cisco would like to thank TippingPoint for reporting these vulnerabilities to us.
Status of this Notice: Final
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-teams@first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
+-------------------------------------------------------------------+ | Revision 1.0 | 2011-October-26 | Initial public release | +-------------------------------------------------------------------+
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html This includes instructions for press inquiries regarding Cisco security notices.
All Cisco security advisories are available at: http://www.cisco.com/go/psirt
+-------------------------------------------------------------------- Copyright 2010-2011 Cisco Systems, Inc. All rights reserved. +-------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (SunOS)
iFcDBQFOqCUXQXnnBKKRMNARCO+aAP9IbHs1VnWKq0GY3UPgGavVWYYrypo9uR2g S1eif/eNEQD7BRMCZrBRVyqMy2c0STwOH9IN35fyqGyLtlO/Nxv4geA= =eg2S -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201110-0222", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex", "scope": "eq", "trust": 1.8, "vendor": "cisco", "version": "26.00" }, { "model": "webex", "scope": "eq", "trust": 1.8, "vendor": "cisco", "version": "27.00" }, { "model": "webex 27lb sp21 ep3", "scope": null, "trust": 1.8, "vendor": "cisco", 
"version": null }, { "model": "webex 27lc sp22", "scope": null, "trust": 1.8, "vendor": "cisco", "version": null }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "26.49.32" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27.10" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lc sp22", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.9, "vendor": "cisco", "version": "27" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t26 sp49 ep40" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27 sp28" }, { 
"model": "webex", "scope": null, "trust": 0.7, "vendor": "cisco", "version": null }, { "model": "webex t27 sp28", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp25 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp23", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp21 ep9", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 sp11 ep23", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t27 fr20", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex t26 sp49 ep40", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os t27 sp28", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp25 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp21 ep9", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 sp11 ep23", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t27 fr20", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os t26 sp49 ep40", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, 
"cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-4004" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "TippingPoint", "sources": [ { "db": "BID", "id": "50373" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ], "trust": 0.9 }, "cve": "CVE-2011-4004", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", 
"authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2011-4004", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "ZDI", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "CVE-2011-4004", "impactScore": 8.5, "integrityImpact": "PARTIAL", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "HIGH", "trust": 0.7, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-51949", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-4004", "trust": 1.8, "value": "HIGH" }, 
{ "author": "ZDI", "id": "CVE-2011-4004", "trust": 0.7, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201110-653", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-51949", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2011-4004", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "VULHUB", "id": "VHN-51949" }, { "db": "VULMON", "id": "CVE-2011-4004" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists in ATAS32.DLL during the parsing of values defined within the WRF file format. The vulnerable code trusts the linesProcessed value from the file, and uses it in some logic to determine the destination pointer for a memcpy. By supplying an overly large linesProcessed value, the subtraction would cause an integer underflow and allows an attacker control of the destination buffer pointer. This can be further leveraged to execute arbitrary code under the context of the current user. Cisco WebEx is a web conferencing solution. When Cisco WebEx parses the value defined in the WRF file format, ATAS32.DLL is flawed. The value is reduced by the large linesProcessed value. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. Failed exploit attempts may result in a denial-of-service condition. 
More details\ncan be found at:\n\nhttp://www.cisco.com/go/psirt\n\n\n\n-- Disclosure Timeline:\n2011-05-12 - Vulnerability reported to vendor\n2011-10-26 - Coordinated public release of advisory\n\n-- Credit:\nThis vulnerability was discovered by:\n\n* Aniway (Aniway.Anyway@gmail.com)\n\n\n* Anonymous\n\n\n\n-- About the Zero Day Initiative (ZDI):\nEstablished by TippingPoint, The Zero Day Initiative (ZDI) represents\na best-of-breed model for rewarding security researchers for responsibly\ndisclosing discovered vulnerabilities. \n\nResearchers interested in getting paid for their security research\nthrough the ZDI can find more information and sign-up at:\n\n http://www.zerodayinitiative.com\n\nThe ZDI is unique in how the acquired vulnerability information is\nused. TippingPoint does not re-sell the vulnerability details or any\nexploit code. Instead, upon notifying the affected product vendor,\nTippingPoint provides its customers with zero day protection through\nits intrusion prevention technology. Explicit details regarding the\nspecifics of the vulnerability are not exposed to any parties until\nan official vendor patch is publicly available. Furthermore, with the\naltruistic aim of helping to secure a broader user base, TippingPoint\nprovides this vulnerability information confidentially to security\nvendors (including competitors) who have a vulnerability protection or\nmitigation product. \n\nOur vulnerability disclosure policy is available online at:\n\n http://www.zerodayinitiative.com/advisories/disclosure_policy/\n\nFollow the ZDI on Twitter:\n\n http://twitter.com/thezdi\n\n. ----------------------------------------------------------------------\n\nOvum says ad hoc tools are out-dated. The best practice approach?\nFast vulnerability intelligence, threat handling, and setup in one tool. 
\n\nRead the new report on the Secunia VIM:\nhttp://secunia.com/products/corporate/vim/ovum_2011_request/ \n\n----------------------------------------------------------------------\n\nTITLE:\nCisco WebEx Player WRF File Processing Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA46607\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/46607/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607\n\nRELEASE DATE:\n2011-10-28\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/46607/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/46607/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nTwo vulnerabilities have been reported in Cisco WebEx Player, which\ncan be exploited by malicious people to compromise a user\u0027s system. \n\nSOLUTION:\nUpdate to a fixed version (Please see the vendor\u0027s advisory for\ndetails). \n\nPROVIDED AND/OR DISCOVERED BY:\n1) The vendor credits TippingPoint. \n2) Aniway and Anonymous via ZDI. 
\n\nORIGINAL ADVISORY:\nCisco:\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nZDI:\nhttp://www.zerodayinitiative.com/advisories/ZDI-11-308/\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on a WebEx meeting\nsite or on the computer of an online meeting attendee. 
The players\ncan be automatically installed when the user accesses a recording\nfile that is hosted on a WebEx meeting site. The players can also be\nmanually installed for offline playback after downloading the\napplication from www.webex.com\n\nIf the WRF player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx meeting site. \nIf the WRF player was manually installed, users will need to manually\ninstall a new version of the player after downloading the latest\nversion from www.webex.com\n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at: \nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nNote: Effective October 18, 2011, Cisco moved the current list of\nCisco Security Advisories and Responses published by Cisco PSIRT. The\nnew location is http://tools.cisco.com/security/center/publicationListing\nYou can also navigate to this page from the Cisco\nProducts and Services menu of the Cisco Security Intelligence\nOperations (SIO) Portal. Following this transition, new Cisco\nSecurity Advisories and Responses will be published to the new\nlocation. Although the URL has changed, the content of security\ndocuments and the vulnerability policy are not impacted. Cisco will\ncontinue to disclose security vulnerabilities in accordance with the\npublished Security Vulnerability Policy. \n\nAffected Products\n=================\n\nThe vulnerabilities disclosed in this advisory affect the Cisco\nWRF players. The Microsoft Windows, Apple Mac OS X, and Linux\nversions of the players are all affected. Review the following\ntable for the list of releases that contain the nonvulnerable\ncode. Affected versions of the players are those prior to client\nbuild T26 SP49 EP40 and T27 SP28. These build numbers are\navailable only to WebEx site administrators. 
End users will see a\nversion such as \"Client build: 27.25.4.11889.\" This indicates the\nserver is running software version T27 SP25 EP4. \n\nTo determine whether a Cisco WebEx meeting site is running an\naffected version of the WebEx client build, users can log in to\ntheir Cisco WebEx meeting site and go to the Support \u003e Downloads\nsection. The version of the WebEx client build will be displayed\non the right side of the page under \"About Support Center.\" See\n\"Software Versions and Fixes\" for details. \n\nCisco recommends that users upgrade to the most current version\nof the player that is available from www.webex.com/\ndownloadplayer.html. If the player is no longer needed, it can be\nremoved using the \"Mac Cisco-WebEx Uninstaller\" or \"Meeting\nServices Removal tool\" available at support.webex.com/support/\ndownloads.html. \n\nUsers can manually verify the installed version of the WRF player\nto determine whether it is affected by these vulnerabilities. To\ndo so, an administrator must examine the version numbers of the\ninstalled files and determine whether the version of the file\ncontains the fixed code. Detailed instructions on how to verify\nthe version numbers are provided in the following sections. \n\nThe following tables provide the first nonvulnerable version of\neach object. \n\nMicrosoft Windows\n+----------------\nTwo dynamically linked libraries (DLLs) were updated on the\nMicrosoft Windows platform to address the vulnerabilities that\nare described in this advisory. These files are in the folder C:\\\nProgram Files\\WebEx\\Record Playback or C:\\Program Files (x86)\\\nWebex\\Record Player. The version number of a DLL can be obtained\nby browsing the Record Playback directory in Windows Explorer,\nright-clicking on the file name, and choosing Properties. The\nVersion or Details tab of the Properties page provides details on\nthe library version. The following table gives the first fixed\nversion number for each DLL. 
If the installed versions are equal\nto or greater than the versions provided in the table, the system\nis not vulnerable. \n\n+----------------------------------------------------------------------------+\n| Library | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| | EP40 | EP26 | EP9 | EP3 | |\n|--------------+-------------+------------+----------+----------+------------|\n| atas32.dll | Not | 2.6.11.0 | 2.6.21.5 | 2.6.25.0 | 2.6.28.0 |\n| | vulnerable | | | | |\n|--------------+-------------+------------+----------+----------+------------|\n| atdl2006.dll | 2.5.49.4000 | 2.6.1123.1 | 2.6.21.1 | 2.6.20.0 | Not |\n| | | | | | vulnerable |\n+----------------------------------------------------------------------------+\n \nMac\n+--\nA package bundle was updated on the Macintosh platform to\naddress the vulnerabilities that are described in this advisory. \nThis file is in each user\u0027s home directory, which can be accessed\nin ~/Library/Application Support/WebEx Folder/824 for systems\nconnected to servers running T26 and ~/Library/Application\nSupport/WebEx Folder/924 for systems connected to servers running\nT27. The version can be obtained by browsing to the appropriate\nfolder in Finder and control-clicking the filename. When the menu\nis displayed, select show package contents and then double-click\nthe Info.plist file. The version number is shown at the bottom of\nthe displayed table. \n\n+-------------------------------------------------------------------------------+\n| Bundle | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| | EP40 | EP26 | EP9 | EP3 | |\n|-------------------+-----------+------------+-----------+----------+------------|\n| asplayback.bundle | 6.0.49.40 | 6.10.11.25 | 6.10.21.9 | 6.0.25.3 | 5.25.27.28 |\n+-------------------------------------------------------------------------------+\n\nLinux\n\nA shared object was updated on the Linux platform to address the\nvulnerabilities that are described in this advisory. 
This file is\nin the ~/.webex directory. The version number of the shared\nobject can be obtained by performing a directory listing with the\nls command. The version number is provided after the .so\nextension. \n\n+---------------------------------------------------------------------------+\n| Shared | T26 SP49 | T27 SP11 | T27 SP21 | T27 SP25 | T27 SP28 |\n| Object | EP40 | EP26 | EP9 | EP3 | |\n|------------+-----------+------------+-----------+------------+------------|\n| atascli.so | 1.0.26.41 | 1.11.27.15 | 1.0.27.17 | 1.25.27.17 | 1.28.27.17 |\n+---------------------------------------------------------------------------+\n\nVulnerable Products\n+------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF file\nformat is used to store WebEx meeting recordings that have been\nrecorded on a WebEx meeting site or on the computer of an online\nmeeting attendee. The players are applications that are used to play\nback and edit recording files (files with a .wrf extension). The WRF\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx meeting site (for stream\nplayback mode). The WRF players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html \nto play back recording files locally (for offline playback mode). The vulnerabilities cannot be triggered\nby users who are attending a WebEx meeting. \n\nVulnerability Scoring Details\n+----------------------------\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. 
\n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. \n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\nhttp://intellishield.cisco.com/security/alertmanager/cvss\n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could cause the Cisco WRF player application to crash and,\nin some cases, allow a remote attacker to execute arbitrary code on\nthe system with the privileges of the user who is running the WRF\nplayer application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult:\nhttp://www.cisco.com/go/psirt and any subsequent advisories to \ndetermine exposure and a complete upgrade solution. \n\nThese vulnerabilities are first fixed in the following versions: \n\n * T26 SP49 EP40\n * T27 FR20\n * T27 SP11 EP23\n * T27 SP21 EP9\n * T27 SP23\n * T27 SP25 EP3\n * T27 SP28\n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. 
For example, if release T27 SP22 EP9 is fixed,\nrelease T27 SP22 EP23 will also have the software fix. End users\nwill see a version such as \"Client build: 27.25.4.11889.\" This\nindicates the server is running software version T27 SP25 EP4. \n\nIf a WRF player was automatically installed, it will be automatically\nupgraded to the latest, nonvulnerable version when users access a\nrecording file that is hosted on a WebEx meeting site. \n\nIf a WRF player was manually installed, users will need to manually\ninstall a new version of the player after downloading the latest\nversion from www.webex.com/downloadplayer.html. If the player is no\nlonger needed, it can be removed using the \"Mac Cisco-WebEx\nUninstaller\" or \"Meeting Services Removal tool\" available at \nsupport.webex.com/support/downloads.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at:\nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html\nor as otherwise set forth at Cisco.com Downloads at:\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml\n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nCustomers with Service Contracts\n+-------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. 
\n\n\nCustomers using Third Party Support Organizations\n+------------------------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. \n\nCustomers without Service Contracts\n+----------------------------------\n\nThis section does not apply for vulnerabilities in Cisco WebEx\nproducts. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerabilities described in this advisory. \n\nThese vulnerabilities were reported to Cisco by TippingPoint. Cisco\nwould like to thank TippingPoint for reporting these vulnerabilities\nto us. \n\nStatus of this Notice: Final\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at:\n\nhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. 
\n\n * cust-security-announce@cisco.com\n * first-teams@first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\n\nRevision History\n================\n\n+-------------------------------------------------------------------+\n| Revision 1.0 | 2011-October-26 | Initial public release |\n+-------------------------------------------------------------------+\n\n\n \n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at:\nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html\nThis includes instructions for press inquiries regarding Cisco \nsecurity notices. \n\nAll Cisco security advisories are available at: \nhttp://www.cisco.com/go/psirt\n\n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.5 (SunOS)\n\niFcDBQFOqCUXQXnnBKKRMNARCO+aAP9IbHs1VnWKq0GY3UPgGavVWYYrypo9uR2g\nS1eif/eNEQD7BRMCZrBRVyqMy2c0STwOH9IN35fyqGyLtlO/Nxv4geA=\n=eg2S\n-----END PGP SIGNATURE-----\n\n_______________________________________________\nFull-Disclosure - We believe in it. 
\nCharter: http://lists.grok.org.uk/full-disclosure-charter.html\nHosted and sponsored by Secunia - http://secunia.com/\n", "sources": [ { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "BID", "id": "50373" }, { "db": "VULHUB", "id": "VHN-51949" }, { "db": "VULMON", "id": "CVE-2011-4004" }, { "db": "PACKETSTORM", "id": "106270" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" } ], "trust": 3.51 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-51949", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-51949" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-4004", "trust": 4.4 }, { "db": "ZDI", "id": "ZDI-11-308", "trust": 1.8 }, { "db": "JVNDB", "id": "JVNDB-2011-002704", "trust": 0.8 }, { "db": "SECUNIA", "id": "46607", "trust": 0.8 }, { "db": "ZDI_CAN", "id": "ZDI-CAN-1170", "trust": 0.7 }, { "db": "CNNVD", "id": "CNNVD-201110-653", "trust": 0.7 }, { "db": "CNVD", "id": "CNVD-2011-4516", "trust": 0.6 }, { "db": "CISCO", "id": "20111026 BUFFER OVERFLOW VULNERABILITIES IN THE CISCO WEBEX PLAYER", "trust": 0.6 }, { "db": "NSFOCUS", "id": "18037", "trust": 0.6 }, { "db": "ZDI", "id": "ZDI-11-341", "trust": 0.3 }, { "db": "BID", "id": "50373", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "106270", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-51949", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2011-4004", 
"trust": 0.1 }, { "db": "PACKETSTORM", "id": "106320", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "106250", "trust": 0.1 } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "VULHUB", "id": "VHN-51949" }, { "db": "VULMON", "id": "CVE-2011-4004" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "PACKETSTORM", "id": "106270" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "id": "VAR-201110-0222", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "VULHUB", "id": "VHN-51949" } ], "trust": 1.329615372 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 0.6 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2011-4516" } ] }, "last_update_date": "2023-12-18T13:40:09.132000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20111026-webex", "trust": 0.8, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20111026-webex" }, { "title": "24442", "trust": 0.8, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24442" }, { "title": "cisco-sa-20111026-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1108/1108764_cisco-sa-20111026-webex-j.html" 
}, { "title": "Cisco has issued an update to correct this vulnerability.", "trust": 0.7, "url": "http://www.cisco.com/go/psirt" }, { "title": "Patch for Cisco WebEx WRF/ATAS32 File Format Remote Buffer Overflow Vulnerability (CNVD-2011-4516)", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/5668" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-51949" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "NVD", "id": "CVE-2011-4004" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.3, "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20111026-webex" }, { "trust": 1.0, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-308/" }, { "trust": 0.9, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-4004" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-4004" }, { "trust": 0.6, "url": "http://secunia.com/advisories/46607" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/18037" }, { "trust": 0.4, "url": "http://www.webex.com/" }, { "trust": 0.3, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-341/" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-4004" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { 
"trust": 0.1, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=24442" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/disclosure_policy/" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com/advisories/zdi-11-308" }, { "trust": 0.1, "url": "http://twitter.com/thezdi" }, { "trust": 0.1, "url": "http://www.zerodayinitiative.com" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=46607" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/46607/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/products/corporate/vim/ovum_2011_request/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/46607/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html." 
}, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html" }, { "trust": 0.1, "url": "http://tools.cisco.com/security/center/publicationlisting" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "http://secunia.com/" }, { "trust": 0.1, "url": "http://lists.grok.org.uk/full-disclosure-charter.html" }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-3319" }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "VULHUB", "id": "VHN-51949" }, { "db": "VULMON", "id": "CVE-2011-4004" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "PACKETSTORM", "id": "106270" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "ZDI", "id": "ZDI-11-308" }, { "db": "CNVD", "id": "CNVD-2011-4516" }, { "db": "VULHUB", "id": "VHN-51949" }, { "db": "VULMON", "id": "CVE-2011-4004" }, { "db": "BID", "id": "50373" }, { "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "db": "PACKETSTORM", "id": "106270" }, { "db": "PACKETSTORM", "id": "106320" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "NVD", "id": "CVE-2011-4004" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "sources_release_date": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-10-26T00:00:00", "db": "ZDI", "id": "ZDI-11-308" }, { "date": "2011-10-27T00:00:00", "db": "CNVD", "id": "CNVD-2011-4516" }, { "date": "2011-10-27T00:00:00", "db": "VULHUB", "id": "VHN-51949" }, { "date": "2011-10-27T00:00:00", "db": "VULMON", "id": "CVE-2011-4004" }, { "date": "2011-10-26T00:00:00", "db": "BID", "id": "50373" }, { "date": "2011-11-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "date": "2011-10-26T23:20:18", "db": "PACKETSTORM", "id": "106270" }, { "date": "2011-10-28T06:41:05", "db": "PACKETSTORM", "id": "106320" }, { "date": "2011-10-26T18:04:06", "db": "PACKETSTORM", "id": "106250" }, { "date": "2011-10-27T21:55:01.107000", "db": "NVD", "id": "CVE-2011-4004" }, { "date": "1900-01-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-10-26T00:00:00", "db": "ZDI", "id": "ZDI-11-308" }, { "date": "2011-10-27T00:00:00", "db": "CNVD", "id": "CNVD-2011-4516" }, { "date": "2012-04-06T00:00:00", "db": "VULHUB", "id": "VHN-51949" }, { "date": "2012-04-06T00:00:00", "db": "VULMON", "id": "CVE-2011-4004" }, { "date": "2011-12-07T22:17:00", "db": "BID", "id": "50373" }, { "date": "2011-11-04T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-002704" }, { "date": "2012-04-06T04:00:00", "db": "NVD", "id": "CVE-2011-4004" }, { "date": "2011-10-28T00:00:00", "db": "CNNVD", "id": "CNNVD-201110-653" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "106270" }, { "db": "PACKETSTORM", "id": "106250" }, { "db": "CNNVD", "id": "CNNVD-201110-653" } ], "trust": 0.8 }, 
"title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Recording Format (WRF) player of ATAS32 Buffer overflow vulnerability in processing functions", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-002704" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201110-653" } ], "trust": 0.6 } }
var-201102-0307
Vulnerability from variot
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition.
The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com
If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com
Cisco has released free software updates that address these vulnerabilities.
This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml.
Affected Products
Vulnerable Products
The vulnerabilities disclosed in this advisory affect the Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3. Customers who have contractual agreements that prevent WebEx from automatically upgrading a recording player to the latest version should contact their account manager to determine upgrade options.
To determine whether a Cisco WebEx server is running an affected version of the WebEx client build, users can log in to their Cisco WebEx server and go to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page under "About Support Center." See "Software Versions and Fixes" for details.
Cisco recommends that users upgrade to the most current version of the player that is available from www.webex.com/downloadplayer.html
Products Confirmed Not Vulnerable
No other Cisco products are currently known to be affected by these vulnerabilities.
Details
The WebEx meeting service is a hosted multimedia conferencing solution that is managed and maintained by Cisco WebEx. The WRF and ARF file formats are used to store WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players are applications that are used to play back and edit recording files (files with .wrf and .arf extensions). The recording players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server (for stream playback mode). The recording players can also be manually installed after downloading the application from www.webex.com/downloadplayer.html to play back recording files locally (for offline playback mode).
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
To exploit one of these vulnerabilities, the player application would need to open a malicious WRF or ARF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page. The vulnerability cannot be triggered by users who are attending a WebEx meeting.
These vulnerabilities have been assigned the following Common Vulnerabilities and Exposures (CVE) identifiers:
- CVE-2010-3269
- CVE-2010-3041
- CVE-2010-3042
- CVE-2010-3043
- CVE-2010-3044
Vulnerability Scoring Details
Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.
Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.
Cisco has provided an FAQ to answer additional questions regarding CVSS at:
http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html
Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:
http://intellishield.cisco.com/security/alertmanager/cvss
- Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities
CVSS Base Score - 9.3 (CVSS v2 vector AV:N/AC:M/Au:N/C:C/I:C/A:C): Access Vector - Network; Access Complexity - Medium; Authentication - None; Confidentiality Impact - Complete; Integrity Impact - Complete; Availability Impact - Complete
CVSS Temporal Score - 7.7 (CVSS v2 temporal vector E:F/RL:OF/RC:C): Exploitability - Functional; Remediation Level - Official-Fix; Report Confidence - Confirmed
Impact
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
Software Versions and Fixes
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. For customers who are running T27LC SP22, the client build will be represented as 27.22SP.0.9253. The fix for customers who are running T27LB SP21 will be deployed by WebEx over the next few weeks. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. WebEx bug fixes are cumulative in a major release. For example, if release 27.22SP.0 is fixed, release 27.22SP.1 will also have the software fix.
If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.
If a WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com/downloadplayer.html
Workarounds
There are no workarounds for the vulnerabilities disclosed in this advisory.
Obtaining Fixed Software
Cisco has released free software updates that address these vulnerabilities. Prior to deploying software, customers should consult their maintenance provider or check the software for feature set compatibility and known issues specific to their environment.
Customers may only install and expect support for the feature sets they have purchased. By installing, downloading, accessing or otherwise using such software upgrades, customers agree to be bound by the terms of Cisco's software license terms found at http://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html, or as otherwise set forth at Cisco.com Downloads at http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Do not contact psirt@cisco.com or security-alert@cisco.com for software upgrades.
Exploitation and Public Announcements
The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerabilities described in this advisory.
These vulnerabilities were either found during internal testing or reported to Cisco by a variety of sources, including Core Security, TippingPoint, and Fortinet's FortiGuard Labs.
Cisco would like to thank these organizations for reporting these vulnerabilities.
Status of this Notice: FINAL
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A stand-alone copy or Paraphrase of the text of this document that omits the distribution URL in the following section is an uncontrolled copy, and may lack important information or contain factual errors.
Distribution
This advisory is posted on Cisco's worldwide website at:
http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml
In addition to worldwide web posting, a text version of this notice is clear-signed with the Cisco PSIRT PGP key and is posted to the following e-mail and Usenet news recipients.
- cust-security-announce@cisco.com
- first-bulletins@lists.first.org
- bugtraq@securityfocus.com
- vulnwatch@vulnwatch.org
- cisco@spot.colorado.edu
- cisco-nsp@puck.nether.net
- full-disclosure@lists.grok.org.uk
- comp.dcom.sys.cisco@newsgate.cisco.com
Future updates of this advisory, if any, will be placed on Cisco's worldwide website, but may or may not be actively announced on mailing lists or newsgroups. Users concerned about this problem are encouraged to check the above URL for any updates.
Revision History
Revision 1.0 | 2011-Feb-01 | Initial public release.
Cisco Security Procedures
Complete information on reporting security vulnerabilities in Cisco products, obtaining assistance with security incidents, and registering to receive security information from Cisco, is available on Cisco's worldwide website at http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. This includes instructions for press inquiries regarding Cisco security notices. All Cisco security advisories are available at http://www.cisco.com/go/psirt.
Copyright 2010-2011 Cisco Systems, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin)
iF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E M8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS =Ur/Y -----END PGP SIGNATURE-----
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201102-0307", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex recording 
format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "26.49" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.11.0.3328" }, { "model": "webex recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.10" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.12" }, { "model": "webex advanced recording format player", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "27.13" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex advanced recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lb of sp21 ep3" }, { "model": "webex recording format player", "scope": "lt", "trust": 0.8, "vendor": "cisco", "version": "t27lc of sp22" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "27.00" }, { "model": "webex", "scope": "eq", "trust": 0.6, "vendor": "cisco", "version": "26.00" }, { "model": "webex 27lc sp22", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex 27lb sp21 ep3", "scope": "ne", "trust": 0.6, "vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.10" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": 
"26.49.32" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.11.8" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.49.35" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)27.00" }, { "model": "webex (mac os", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "x)26.00" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "27.11.8" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "26.49.35" }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" }, { "model": "webex (mac os 27lc sp22", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" }, { "model": "webex (mac os 27lb sp21 ep3", "scope": "ne", "trust": 0.3, "vendor": "cisco", "version": "x)" } ], "sources": [ { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": 
[], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-3041" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Federico MuttisTippingPoint \u003chttp://www.tippingpoint.com/\u003e", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-028" } ], "trust": 0.6 }, "cve": "CVE-2010-3041", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", 
"availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-3041", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-45646", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-3041", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201102-028", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-45646", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-45646" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Multiple buffer 
overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044. Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities because it fails to perform adequate boundary-checks on user-supplied data. Failed exploit attempts will result in a denial-of-service condition. \n\nThe Cisco WebEx Players are applications that are used to play back\nWebEx meeting recordings that have been recorded on the computer of\nan on-line meeting attendee. The players can be automatically\ninstalled when the user accesses a recording file that is hosted on a\nWebEx server. The player can also be manually installed for offline\nplayback after downloading the application from www.webex.com\n\nIf the WebEx recording player was automatically installed, it will be\nautomatically upgraded to the latest, non-vulnerable version when\nusers access a recording file that is hosted on a WebEx server. If\nthe WebEx recording player was manually installed, users will need to\nmanually install a new version of the player after downloading the\nlatest version from www.webex.com \n\nCisco has released free software updates that address these\nvulnerabilities. \n\nThis advisory is posted at\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml. \n\nAffected Products\n=================\n\nVulnerable Products\n+------------------\n\nThe vulnerabilities disclosed in this advisory affect the Cisco WebEx\nrecording players. Microsoft Windows, Apple Mac OS X, and Linux\nversions of the player are all affected. Affected versions of the\nplayers are those prior to client builds T27LC SP22 and T27LB SP21\nEP3. 
Customers who have contractual agreements that prevent WebEx\nfrom automatically upgrading a recording player to the latest version\nshould contact their account manager to determine upgrade options. \n\nTo determine whether a Cisco WebEx server is running an affected\nversion of the WebEx client build, users can log in to their Cisco\nWebEx server and go to the Support \u003e Downloads section. The version\nof the WebEx client build will be displayed on the right side of the\npage under \"About Support Center.\" See \"Software Versions and Fixes\"\nfor details. \n\nCisco recommends that users upgrade to the most current version of\nthe player that is available from www.webex.com/downloadplayer.html\n\n\nProducts Confirmed Not Vulnerable\n+--------------------------------\n\nNo other Cisco products are currently known to be affected by these\nvulnerabilities. \n\nDetails\n=======\n\nThe WebEx meeting service is a hosted multimedia conferencing\nsolution that is managed and maintained by Cisco WebEx. The WRF and\nARF file formats are used to store WebEx meeting recordings that have\nbeen recorded on the computer of an on-line meeting attendee. The\nplayers are applications that are used to play back and edit\nrecording files (files with .wrf and .arf extensions). The recording\nplayers can be automatically installed when the user accesses a\nrecording file that is hosted on a WebEx server (for stream playback\nmode). The recording players can also be manually installed after\ndownloading the application from www.webex.com/downloadplayer.html\nto play back recording files locally (for offline\nplayback mode). \n\nMultiple buffer overflow vulnerabilities exist in the WRF and ARF\nplayers. The vulnerabilities may lead to a crash of the player\napplication or, in some cases, remote code execution could occur. \n\nTo exploit one of these vulnerabilities, the player application would\nneed to open a malicious WRF or ARF file. 
An attacker may be able to\naccomplish this exploit by providing the malicious recording file\ndirectly to users (for example, by using e-mail) or by directing a\nuser to a malicious web page. The vulnerability cannot be triggered\nby users who are attending a WebEx meeting. \n\nThese vulnerabilities have been assigned the following Common\nVulnerabilities and Exposures (CVE) identifiers:\n\n * CVE-2010-3269\n * CVE-2010-3041\n * CVE-2010-3042\n * CVE-2010-3043\n * CVE-2010-3044\n\nVulnerability Scoring Details\n\nCisco has provided scores for the vulnerabilities in this advisory\nbased on the Common Vulnerability Scoring System (CVSS). The CVSS\nscoring in this Security Advisory is done in accordance with CVSS\nversion 2.0. \n\nCVSS is a standards-based scoring method that conveys vulnerability\nseverity and helps determine urgency and priority of response. \n\nCisco has provided a base and temporal score. Customers can then\ncompute environmental scores to assist in determining the impact of\nthe vulnerability in individual networks. 
\n\nCisco has provided an FAQ to answer additional questions regarding\nCVSS at:\n\nhttp://www.cisco.com/web/about/security/intelligence/cvss-qandas.html\n\n\nCisco has also provided a CVSS calculator to help compute the\nenvironmental impact for individual networks at:\n\nhttp://intellishield.cisco.com/security/alertmanager/cvss \n\n* Multiple Cisco WebEx Player Buffer Overflow Vulnerabilities\n\nCVSS Base Score - 9.3\n Access Vector - Network\n Access Complexity - Medium\n Authentication - None\n Confidentiality Impact - Complete\n Integrity Impact - Complete\n Availability Impact - Complete\n\nCVSS Temporal Score - 7.7\n Exploitability - Functional\n Remediation Level - Official-Fix\n Report Confidence - Confirmed\n\n\nImpact\n======\n\nSuccessful exploitation of the vulnerabilities described in this\ndocument could result in a crash of the Cisco WebEx ARF Player or WRF\nPlayer application and, in some cases, allow a remote attacker to\nexecute arbitrary code on the system with the privileges of the user\nwho is running the recording player application. \n\nSoftware Versions and Fixes\n===========================\n\nWhen considering software upgrades, also consult http://www.cisco.com/go/psirt\nand any subsequent advisories to determine exposure and a\ncomplete upgrade solution. \n\nThese vulnerabilities are first fixed in T27LC SP22 and T27LB SP21\nEP3. For customers who are running T27LC SP22, the client build will\nbe represented as 27.22SP.0.9253. The fix for customers who are\nrunning T27LB SP21 will be deployed by WebEx over the next few weeks. \nThe client build will be determined after the software is deployed. \n\nThe client build is listed in the Support \u003e Downloads section of the\nWebEx page after a user authenticates. WebEx bug fixes are cumulative\nin a major release. For example, if release 27.22SP.0 is fixed,\nrelease 27.22SP.1 will also have the software fix. 
\n\nIf a recording player was automatically installed, it will be\nautomatically upgraded to the latest, nonvulnerable version when\nusers access a recording file that is hosted on a WebEx server. \n\nIf a WebEx recording player was manually installed, users will need\nto manually install a new version of the player after downloading the\nlatest version from www.webex.com/downloadplayer.html\n\nWorkarounds\n===========\n\nThere are no workarounds for the vulnerabilities disclosed in this\nadvisory. \n\nObtaining Fixed Software\n========================\n\nCisco has released free software updates that address these\nvulnerabilities. Prior to deploying software, customers should\nconsult their maintenance provider or check the software for feature\nset compatibility and known issues specific to their environment. \n\nCustomers may only install and expect support for the feature sets\nthey have purchased. By installing, downloading, accessing or\notherwise using such software upgrades, customers agree to be bound\nby the terms of Cisco\u0027s software license terms found at \nhttp://www.cisco.com/en/US/docs/general/warranty/English/EU1KEN_.html,\nor as otherwise set forth at Cisco.com Downloads at\nhttp://www.cisco.com/public/sw-center/sw-usingswc.shtml \n\nDo not contact psirt@cisco.com or security-alert@cisco.com for\nsoftware upgrades. \n\nExploitation and Public Announcements\n=====================================\n\nThe Cisco PSIRT is not aware of any public announcements or malicious\nuse of the vulnerability described in this advisory. \n\nThese vulnerabilities were either found during internal testing or\nreported to Cisco by a variety of sources, including Core Security,\nTippingPoint, and Fortinet\u0027s FortiGuard Labs. \n\nCisco would like to thank these organizations for reporting these\nvulnerabilities. 
\n\nStatus of this Notice: FINAL\n============================\n\nTHIS DOCUMENT IS PROVIDED ON AN \"AS IS\" BASIS AND DOES NOT IMPLY ANY\nKIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF\nMERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE\nINFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS\nAT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS\nDOCUMENT AT ANY TIME. \n\nA stand-alone copy or Paraphrase of the text of this document that\nomits the distribution URL in the following section is an\nuncontrolled copy, and may lack important information or contain\nfactual errors. \n\nDistribution\n============\n\nThis advisory is posted on Cisco\u0027s worldwide website at :\n\nhttp://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml\n\nIn addition to worldwide web posting, a text version of this notice\nis clear-signed with the Cisco PSIRT PGP key and is posted to the\nfollowing e-mail and Usenet news recipients. \n\n * cust-security-announce@cisco.com\n * first-bulletins@lists.first.org\n * bugtraq@securityfocus.com\n * vulnwatch@vulnwatch.org\n * cisco@spot.colorado.edu\n * cisco-nsp@puck.nether.net\n * full-disclosure@lists.grok.org.uk\n * comp.dcom.sys.cisco@newsgate.cisco.com\n\nFuture updates of this advisory, if any, will be placed on Cisco\u0027s\nworldwide website, but may or may not be actively announced on\nmailing lists or newsgroups. Users concerned about this problem are\nencouraged to check the above URL for any updates. \n\nRevision History\n================\n\n+---------------------------------------+\n| Revision | | Initial |\n| 1.0 | 2011-Feb-01 | public |\n| | | release. 
|\n+---------------------------------------+\n\nCisco Security Procedures\n=========================\n\nComplete information on reporting security vulnerabilities in Cisco\nproducts, obtaining assistance with security incidents, and\nregistering to receive security information from Cisco, is available\non Cisco\u0027s worldwide website at \nhttp://www.cisco.com/en/US/products/products_security_vulnerability_policy.html. \nThis includes instructions for press inquiries regarding Cisco security notices. \nAll Cisco security advisories are available at \nhttp://www.cisco.com/go/psirt. \n\n+--------------------------------------------------------------------\nCopyright 2010-2011 Cisco Systems, Inc. All rights reserved. \n+--------------------------------------------------------------------\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG/MacGPG2 v2.0.14 (Darwin)\n\niF4EAREIAAYFAk1IQjoACgkQQXnnBKKRMNCpdQEAg/vWtP38VKH2ZDeL9QMQfx6E\nM8nIZdeL2XGonJpT60IA/0APzTbZPE+9rWTi1Z0lJqIgCjHls3jo+sGQWSPvxxkS\n=Ur/Y\n-----END PGP SIGNATURE-----\n", "sources": [ { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "BID", "id": "46075" }, { "db": "VULHUB", "id": "VHN-45646" }, { "db": "PACKETSTORM", "id": "98073" } ], "trust": 2.07 }, "exploit_availability": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "reference": "https://www.scap.org.cn/vuln/vhn-45646", "trust": 0.1, "type": "unknown" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45646" } ] }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-3041", "trust": 2.9 }, { "db": "BID", "id": 
"46075", "trust": 2.0 }, { "db": "SECTRACK", "id": "1025016", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2011-003857", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201102-028", "trust": 0.7 }, { "db": "CISCO", "id": "20110201 MULTIPLE CISCO WEBEX PLAYER VULNERABILITIES", "trust": 0.6 }, { "db": "XF", "id": "65072", "trust": 0.6 }, { "db": "NSFOCUS", "id": "16391", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "98073", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-45646", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-45646" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "id": "VAR-201102-0307", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-45646" } ], "trust": 0.7453525499999999 }, "last_update_date": "2023-12-18T12:58:25.590000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "title": "cisco-sa-20110201-webex", "trust": 0.8, "url": "http://www.cisco.com/cisco/web/support/jp/110/1103/1103539_cisco-sa-20110201-webex-j.html" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003857" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": 
"VHN-45646" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "NVD", "id": "CVE-2010-3041" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.7, "url": "http://www.securityfocus.com/bid/46075" }, { "trust": 1.7, "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a0080b6913f.shtml" }, { "trust": 1.7, "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=22016" }, { "trust": 1.7, "url": "http://www.fortiguard.com/advisory/fga-2011-03.html" }, { "trust": 1.7, "url": "http://securitytracker.com/id?1025016" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3041" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-3041" }, { "trust": 0.6, "url": "http://xforce.iss.net/xforce/xfdb/65072" }, { "trust": 0.6, "url": "http://www.nsfocus.net/vulndb/16391" }, { "trust": 0.4, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml" }, { "trust": 0.3, "url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities" }, { "trust": 0.3, "url": "http://www.webex.com/" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/products/products_security_vulnerability_policy.html." }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3043" }, { "trust": 0.1, "url": "http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml." 
}, { "trust": 0.1, "url": "http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html" }, { "trust": 0.1, "url": "https://www.webex.com/downloadplayer.html" }, { "trust": 0.1, "url": "https://www.webex.com" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3044" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3041" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3269" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3042" }, { "trust": 0.1, "url": "http://www.cisco.com/go/psirt." }, { "trust": 0.1, "url": "http://www.cisco.com/public/sw-center/sw-usingswc.shtml" }, { "trust": 0.1, "url": "http://www.cisco.com/en/us/docs/general/warranty/english/eu1ken_.html," }, { "trust": 0.1, "url": "http://intellishield.cisco.com/security/alertmanager/cvss" } ], "sources": [ { "db": "VULHUB", "id": "VHN-45646" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-45646" }, { "db": "BID", "id": "46075" }, { "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "db": "PACKETSTORM", "id": "98073" }, { "db": "NVD", "id": "CVE-2010-3041" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-02-02T00:00:00", "db": "VULHUB", "id": "VHN-45646" }, { "date": "2011-01-31T00:00:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "date": "2011-02-02T02:55:23", "db": "PACKETSTORM", "id": "98073" }, { "date": "2011-02-02T23:00:02.940000", "db": "NVD", "id": "CVE-2010-3041" }, { 
"date": "2011-02-09T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2017-08-17T00:00:00", "db": "VULHUB", "id": "VHN-45646" }, { "date": "2011-02-01T16:20:00", "db": "BID", "id": "46075" }, { "date": "2012-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-003857" }, { "date": "2017-08-17T01:32:54.057000", "db": "NVD", "id": "CVE-2010-3041" }, { "date": "2011-07-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201102-028" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "98073" }, { "db": "CNNVD", "id": "CNNVD-201102-028" } ], "trust": 0.7 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WRF and ARF Player T27LB Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-003857" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "buffer overflow", "sources": [ { "db": "CNNVD", "id": "CNNVD-201102-028" } ], "trust": 0.6 } }
var-201806-1039
Vulnerability from variot
A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi63757. Cisco WebEx contains a cross-site scripting vulnerability. The vendor has released this vulnerability as Bug ID CSCvi63757. Information may be obtained and information may be altered. Script execution in the context of the affected site can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by the US company Cisco, which can assist office workers in different places to coordinate and cooperate. WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM).
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201806-1039", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "webex meetings", "scope": "eq", "trust": 1.6, "vendor": "cisco", "version": "t32" }, { "model": "webex meetings", "scope": null, "trust": 0.8, "vendor": "cisco", "version": null }, { "model": "webex meetings online t32", "scope": null, "trust": 0.3, 
"vendor": "cisco", "version": null }, { "model": "webex", "scope": "eq", "trust": 0.3, "vendor": "cisco", "version": "0" } ], "sources": [ { "db": "BID", "id": "104421" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:cisco:webex_meetings:t32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2018-0356" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Adam Willard", "sources": [ { "db": "BID", "id": "104421" } ], "trust": 0.3 }, "cve": "CVE-2018-0356", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": 
"NONE", "exploitabilityScore": 8.6, "impactScore": 2.9, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "None", "baseScore": 4.3, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2018-0356", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "exploitabilityScore": 8.6, "id": "VHN-118558", "impactScore": 2.9, "integrityImpact": "PARTIAL", "severity": "MEDIUM", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:N/I:P/A:N", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "exploitabilityScore": 2.8, "impactScore": 2.7, "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "None", "baseScore": 6.1, "baseSeverity": "Medium", "confidentialityImpact": "Low", "exploitabilityScore": null, "id": "CVE-2018-0356", "impactScore": null, "integrityImpact": "Low", "privilegesRequired": "None", "scope": "Changed", 
"trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2018-0356", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201806-361", "trust": 0.6, "value": "MEDIUM" }, { "author": "VULHUB", "id": "VHN-118558", "trust": 0.1, "value": "MEDIUM" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-118558" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user\u0027s browser in the context of an affected site. Cisco Bug IDs: CSCvi63757. Cisco WebEx Contains a cross-site scripting vulnerability. Vendors have confirmed this vulnerability Bug IDs: CSCvi63757 It is released as.Information may be obtained and information may be altered. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks. Cisco WebEx is a set of Web conferencing tools developed by American Cisco (Cisco), which can assist office workers in different places to coordinate and cooperate. 
WebEx services include Web conferencing, telepresence video conferencing and enterprise instant messaging (IM)", "sources": [ { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "BID", "id": "104421" }, { "db": "VULHUB", "id": "VHN-118558" } ], "trust": 1.98 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2018-0356", "trust": 2.8 }, { "db": "BID", "id": "104421", "trust": 2.0 }, { "db": "SECTRACK", "id": "1041062", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2018-006152", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201806-361", "trust": 0.7 }, { "db": "VULHUB", "id": "VHN-118558", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118558" }, { "db": "BID", "id": "104421" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "id": "VAR-201806-1039", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-118558" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T12:18:43.401000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "cisco-sa-20180606-webex-xss", "trust": 0.8, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-webex-xss" }, { "title": "Cisco WebEx Fixes for cross-site scripting vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=80716" } ], "sources": [ { 
"db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-79", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-118558" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.0, "url": "https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20180606-webex-xss" }, { "trust": 1.7, "url": "http://www.securityfocus.com/bid/104421" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1041062" }, { "trust": 0.8, "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-0356" }, { "trust": 0.8, "url": "https://nvd.nist.gov/vuln/detail/cve-2018-0356" }, { "trust": 0.3, "url": "http://www.cisco.com/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-118558" }, { "db": "BID", "id": "104421" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-118558" }, { "db": "BID", "id": "104421" }, { "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "db": "NVD", "id": "CVE-2018-0356" }, { "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-06-07T00:00:00", "db": "VULHUB", "id": "VHN-118558" }, { "date": 
"2018-06-06T00:00:00", "db": "BID", "id": "104421" }, { "date": "2018-08-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "date": "2018-06-07T21:29:00.887000", "db": "NVD", "id": "CVE-2018-0356" }, { "date": "2018-06-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2019-10-09T00:00:00", "db": "VULHUB", "id": "VHN-118558" }, { "date": "2018-06-06T00:00:00", "db": "BID", "id": "104421" }, { "date": "2018-08-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2018-006152" }, { "date": "2019-10-09T23:31:51.880000", "db": "NVD", "id": "CVE-2018-0356" }, { "date": "2019-10-17T00:00:00", "db": "CNNVD", "id": "CNNVD-201806-361" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-361" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Cisco WebEx Vulnerable to cross-site scripting", "sources": [ { "db": "JVNDB", "id": "JVNDB-2018-006152" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "XSS", "sources": [ { "db": "CNNVD", "id": "CNNVD-201806-361" } ], "trust": 0.6 } }
cve-2012-6399
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://secunia.com/advisories/51412 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T21:28:39.787Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "51412", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/51412" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2013-05-27T14:00:00Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "51412", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/51412" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2012-6399", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "51412", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51412" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2012-6399", "datePublished": "2013-05-27T14:00:00Z", "dateReserved": "2012-12-16T00:00:00Z", "dateUpdated": "2024-09-16T22:25:14.412Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2878
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.237Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61128", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61128" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": 
"http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61128", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61128" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2878", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "61128", "refsource": "OSVDB", "url": "http://www.osvdb.org/61128" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html", "refsource": "MISC", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2878", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.237Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2013-3425
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425 | vendor-advisory, x_refsource_CISCO |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/86150 | vdb-entry, x_refsource_XF |
| http://osvdb.org/95876 | vdb-entry, x_refsource_OSVDB |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T16:07:38.030Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20130730 Cisco WebEx Information Disclosure through Inconsistent Error Messages Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425" }, { "name": "cisco-webex-cve20133425-info-disc(86150)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" }, { "name": "95876", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/95876" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-07-30T00:00:00", "descriptions": [ { "lang": "en", "value": "The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-28T12:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "20130730 Cisco WebEx Information Disclosure through Inconsistent Error Messages Vulnerability", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425" }, { "name": "cisco-webex-cve20133425-info-disc(86150)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" }, { "name": "95876", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/95876" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2013-3425", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20130730 Cisco WebEx Information Disclosure through Inconsistent Error Messages Vulnerability", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425" }, { "name": "cisco-webex-cve20133425-info-disc(86150)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" }, { "name": "95876", "refsource": "OSVDB", "url": "http://osvdb.org/95876" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2013-3425", "datePublished": "2013-07-31T01:00:00", "dateReserved": "2013-05-06T00:00:00", "dateUpdated": "2024-08-06T16:07:38.030Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2876
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.174Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61126", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61126" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": 
"http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2878 and CVE-2009-2879." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61126", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61126" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2876", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2878 and CVE-2009-2879." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html", "refsource": "MISC", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61126", "refsource": "OSVDB", "url": "http://www.osvdb.org/61126" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2876", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.174Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2879
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.226Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61129", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61129" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", 
"x_transferred" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2878." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61129", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61129" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2879", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2878." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "61129", "refsource": "OSVDB", "url": "http://www.osvdb.org/61129" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html", "refsource": "MISC", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2879", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.226Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2877
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.244Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61127", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61127" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "name": "61127", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61127" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { 
"name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2877", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "61127", "refsource": "OSVDB", "url": "http://www.osvdb.org/61127" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html", "refsource": "MISC", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2877", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.244Z", "state": "PUBLISHED" }, 
"dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2880
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.248Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "name": "61130", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61130" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "name": "61130", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61130" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2880", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html", "refsource": "MISC", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": 
"CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "name": "61130", "refsource": "OSVDB", "url": "http://www.osvdb.org/61130" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2880", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2017-3823
Vulnerability from cvelistv5
URL | Tags |
---|---|
https://bugs.chromium.org/p/project-zero/issues/detail?id=1096 | x_refsource_MISC |
https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html | x_refsource_MISC |
https://www.kb.cert.org/vuls/id/909240 | third-party-advisory, x_refsource_CERT-VN |
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex | x_refsource_CONFIRM |
https://blog.filippo.io/webex-extension-vulnerability/ | x_refsource_MISC |
http://www.securityfocus.com/bid/95737 | vdb-entry, x_refsource_BID |
http://www.securitytracker.com/id/1037680 | vdb-entry, x_refsource_SECTRACK |
https://bugs.chromium.org/p/project-zero/issues/detail?id=1100 | x_refsource_MISC |
Vendor | Product | Version |
---|---|---|
n/a | Cisco WebEx browser extensions | Cisco WebEx browser extensions |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T14:39:40.444Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "name": "VU#909240", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/909240" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "name": "95737", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/95737" }, { "name": "1037680", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1037680" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Cisco WebEx browser extensions", "vendor": "n/a", "versions": [ { "status": "affected", "version": "Cisco WebEx browser extensions" } ] } ], "datePublic": "2017-02-01T00:00:00", "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. 
A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programing interface (API) response parser within the extension. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser." } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-119", "description": "CWE-119", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2017-10-09T13:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "tags": [ "x_refsource_MISC" ], "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "name": "VU#909240", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/909240" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex" }, { "tags": [ "x_refsource_MISC" ], "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "name": "95737", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/95737" }, { "name": "1037680", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1037680" }, { "tags": [ "x_refsource_MISC" ], "url": 
"https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2017-3823", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Cisco WebEx browser extensions", "version": { "version_data": [ { "version_value": "Cisco WebEx browser extensions" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programing interface (API) response parser within the extension. An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "name": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html", "refsource": "MISC", "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "name": "VU#909240", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/909240" }, { "name": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex", "refsource": "CONFIRM", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex" }, { "name": "https://blog.filippo.io/webex-extension-vulnerability/", "refsource": "MISC", "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "name": "95737", "refsource": "BID", "url": "http://www.securityfocus.com/bid/95737" }, { "name": "1037680", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1037680" }, { "name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2017-3823", "datePublished": "2017-02-01T11:00:00", "dateReserved": "2016-12-21T00:00:00", "dateUpdated": "2024-08-05T14:39:40.444Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2009-2875
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T06:07:37.401Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61125", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://www.osvdb.org/61125" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], 
"url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2009-12-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-08-16T14:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/37810" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61125", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://www.osvdb.org/61125" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1023360" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "psirt@cisco.com", "ID": "CVE-2009-2875", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/advisory/FGA-2009-48.html", "refsource": "MISC", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "name": "37810", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/37810" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html", "refsource": "MISC", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": 
"CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "61125", "refsource": "OSVDB", "url": "http://www.osvdb.org/61125" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "1023360", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1023360" }, { "name": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456", "refsource": "CONFIRM", "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "name": "ADV-2009-3574", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "name": "37352", "refsource": "BID", "url": "http://www.securityfocus.com/bid/37352" }, { "name": "cisco-webex-wrf-bo(54841)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "name": "20091216 Multiple Cisco WebEx WRF Player Vulnerabilities", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" } ] } } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2009-2875", "datePublished": "2009-12-18T19:00:00", "dateReserved": "2009-08-19T00:00:00", "dateUpdated": "2024-08-07T06:07:37.401Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2878." 
}, { "lang": "es", "value": "Un desbordamiento de b\u00fafer basado en mont\u00edculo (heap) en atas32.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 (alias T26SP49EP32) para Windows, v27.x antes de v27.10.x (alias T27SP10) para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes de v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de Formato de grabaci\u00f3n WebEx (.wrf) debidamente modificado. Se trata de una vulnerabilidad diferente a CVE-2009-2876 y CVE-2009-2878." } ], "id": "CVE-2009-2879", "lastModified": "2024-11-21T01:05:57.933", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.453", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], 
"url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61129" }, { "source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": 
"http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.heap.overflow.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "2071CD29-0DF8-4B7C-B4BC-76236DC86605", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965." }, { "lang": "es", "value": "El componente Meeting Center en Cisco WebEx 11 genera mensajes de error distintos para los intentos de acceso a ficheros dependiendo de si un archivo existe, lo que permite a usuarios autenticados remotamente el listado de archivos a trav\u00e9s de una serie de llamadas SPI. Aka Bug ID CSCuc35965." } ], "id": "CVE-2013-3425", "lastModified": "2024-11-21T01:53:36.663", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2013-07-31T13:20:18.877", "references": [ { "source": "ykramarz@cisco.com", "url": "http://osvdb.org/95876" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": 
"http://osvdb.org/95876" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3425" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/86150" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-264" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer basado en pila en ataudio.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 para Windows, v27.x antes de v27.10.x (alias T27SP10) para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de Formato de grabaci\u00f3n WebEx (.wrf) debidamente modificado." 
} ], "id": "CVE-2009-2877", "lastModified": "2024-11-21T01:05:57.657", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.390", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { 
"source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61127" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61127" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.securityfocus.com/bid/37352" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en atas32.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 para Windows, v27.x antes v27.10.x para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes de v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de formato de grabaci\u00f3n WebEx (.wrf) debidamente modificado." 
} ], "id": "CVE-2009-2875", "lastModified": "2024-11-21T01:05:57.377", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.313", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { 
"source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61125" }, { "source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", 
"Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atas32.dos.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61125" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2878 and CVE-2009-2879." 
}, { "lang": "es", "value": "Un desbordamiento de b\u00fafer basado en mont\u00edculo en atas32.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 (alias T26SP49EP32) para Windows, v27.x antes de v27.10.x (alias T27SP10) para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes de v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de formato de grabaci\u00f3n WebEx (.wrf) debidamente modificado. Se trata de una vulnerabilidad diferente a CVE-2009-2878 y CVE-2009-2879." } ], "id": "CVE-2009-2876", "lastModified": "2024-11-21T01:05:57.530", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.343", "references": [ { "source": "ykramarz@cisco.com", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61126" }, { "source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "source": 
"af854a3a-2127-422b-91ae-364da2661108", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-012-cisco.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61126" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file, a different vulnerability than CVE-2009-2876 and CVE-2009-2879." 
}, { "lang": "es", "value": "Un desbordamiento de b\u00fafer basado en mont\u00edculo en atas32.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 (alias T26SP49EP32) para Windows, v27.x antes de v27.10.x (alias T27SP10) para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes de v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de Formato de grabaci\u00f3n WebEx (.wrf) debidamente modificado. Se trata de una vulnerabilidad diferente a CVE-2009-2876 y CVE-2009-2879." } ], "id": "CVE-2009-2878", "lastModified": "2024-11-21T01:05:57.790", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.420", "references": [ { "source": "ykramarz@cisco.com", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61128" }, { "source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://fgc.fortinet.com/encyclopedia/vulnerability/fg-vd-09-013-cisco.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": 
"http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61128" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:linux:*:*:*:*:*", "matchCriteriaId": "B166A339-531A-4EEC-A0B2-ED84F0D7ED9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "E089FB47-7DFA-46AA-BDEF-19B9154E7032", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:26.00:*:windows:*:*:*:*:*", "matchCriteriaId": "08DA35E1-8C66-47A8-8E9E-7F0C4272F3DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:linux:*:*:*:*:*", "matchCriteriaId": "A3565994-AF5D-45D5-9F0D-1AFD2D33336C", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:mac_os_x:*:*:*:*:*", "matchCriteriaId": "ADD29395-572F-464B-A8A1-B888603343C8", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:27.00:*:windows:*:*:*:*:*", "matchCriteriaId": "5257EB4E-CC29-4077-AC69-EBF6966C8FB0", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Recording Format (WRF) file." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en atrpui.dll en Cisco WebEx WRF Player v26.x antes de v26.49.32 para Windows, v27.x antes v27.10.x para Windows, v26.x antes de v26.49.35 para Mac OS X y Linux, y v27.x antes de v27.11.8 para Mac OS X y Linux, permite a atacantes remotos causar una denegaci\u00f3n de servicio (por ca\u00edda de la aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo de Formato de grabaci\u00f3n de WebEx (.wrf) debidamente modificado." 
} ], "id": "CVE-2009-2880", "lastModified": "2024-11-21T01:05:58.077", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2009-12-18T19:30:00.483", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "ykramarz@cisco.com", "url": "http://securitytracker.com/id?1023360" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { 
"source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "source": "ykramarz@cisco.com", "url": "http://www.osvdb.org/61130" }, { "source": "ykramarz@cisco.com", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "ykramarz@cisco.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { "source": "ykramarz@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/37810" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1023360" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=19499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", 
"Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040\u0026signatureSubId=0\u0026softwareVersion=6.0\u0026releaseVersion=S456" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/advisory/FGA-2009-48.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/61130" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/37352" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2009/3574" }, { 
"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54841" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:activetouch_general_plugin_container:105:*:*:*:*:firefox:*:*", "matchCriteriaId": "7C4F4E52-9923-47E0-8990-8DB3761C724F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:download_manager:2.1.0.9:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "8E2D077D-DB25-4D10-A4DD-7E55CD7B6050", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:gpccontainer_class:*:*:*:*:*:internet_explorer:*:*", "matchCriteriaId": "E7F1F1F5-E057-42F2-878B-CD62E4B7D4E2", "versionEndIncluding": "10031.6.2017.0125", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex:*:*:*:*:*:chrome:*:*", "matchCriteriaId": "E1B0BEA6-F4C4-4A54-AFF8-E16B4C110AED", "versionEndIncluding": "1.0.6", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_base:*:*:*:*:*:*:*", "matchCriteriaId": "80B9A3E8-DD9D-451B-81A4-BADA16512845", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "5E84A595-4A33-4FA1-AF86-DFCBECAB8D43", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr3:*:*:*:*:*:*:*", "matchCriteriaId": "56F6DDAE-BD36-4D8D-BC48-DD229F33125A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr4:*:*:*:*:*:*:*", "matchCriteriaId": "2010E860-9DA9-4706-BEE7-7521BCBC5E05", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr5:*:*:*:*:*:*:*", "matchCriteriaId": "EC1C2055-272B-403A-9BF8-5FA8CFBC933D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr6:*:*:*:*:*:*:*", "matchCriteriaId": "346A7C39-AF2E-499F-B77E-0F80787D268E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr7:*:*:*:*:*:*:*", "matchCriteriaId": "98825256-4520-473B-AC9F-F74B9D95DD0F", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:cisco:webex_meetings_server:2.0_mr8:*:*:*:*:*:*:*", "matchCriteriaId": "913EC8D3-A9A3-4FC6-B2FD-87003F985F6F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr8:p1:*:*:*:*:*:*", "matchCriteriaId": "DB03D1C7-F4BA-4B0E-814F-3C43395AC928", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:*:*:*:*:*:*:*", "matchCriteriaId": "339D371C-57FF-43AD-97DB-A8FA9ADCB796", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p1:*:*:*:*:*:*", "matchCriteriaId": "2F0B9AE4-75B8-43BC-B66B-0ABE6C21599F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p2:*:*:*:*:*:*", "matchCriteriaId": "09EB75CC-8EBD-49D2-B986-CB83D2742A84", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.0_mr9:p3:*:*:*:*:*:*", "matchCriteriaId": "DF450A53-1F3F-415C-90C5-E43E9A37197F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_base:*:*:*:*:*:*:*", "matchCriteriaId": "9F4AF5A4-1B99-43F8-A659-7C57B033F2A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr1:*:*:*:*:*:*:*", "matchCriteriaId": "2F492431-5AE7-439F-81F1-B96EAD773E0E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "2EC640D5-C840-4ABB-BD22-9B60BBFE8DD2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr2:p1:*:*:*:*:*:*", "matchCriteriaId": "3C438DB1-1761-4C1B-A6DD-AD84853C5755", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr3:*:*:*:*:*:*:*", "matchCriteriaId": "FEB2094F-B0E1-4129-BFD6-9FE1687B0AA9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr4:*:*:*:*:*:*:*", "matchCriteriaId": "16B75EA6-516D-4550-B83D-E0EFDAA25208", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:*:*:*:*:*:*:*", "matchCriteriaId": 
"48A2A712-E8FD-460F-9A3C-3760082B8920", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr5:p1:*:*:*:*:*:*", "matchCriteriaId": "EDB5ECBA-051E-4500-9B8C-82479D45164D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:*:*:*:*:*:*:*", "matchCriteriaId": "8F6F5080-355B-4A85-8DF4-D75D6A550C6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p1:*:*:*:*:*:*", "matchCriteriaId": "CBDFC81E-CA80-4E31-B839-A98FAB4F92A2", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p2:*:*:*:*:*:*", "matchCriteriaId": "23A09CF0-9C9B-4FBF-9AEC-285002175F52", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.5_mr6:p3:*:*:*:*:*:*", "matchCriteriaId": "69BC1C33-550D-405E-860B-35F301B8B2D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_base:*:*:*:*:*:*:*", "matchCriteriaId": "21E55CCE-2B52-4865-8C63-7E6C779C20D3", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:*:*:*:*:*:*:*", "matchCriteriaId": "9881CF16-F617-48DA-8CB8-08C3D943CCD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr1:p1:*:*:*:*:*:*", "matchCriteriaId": "8D743715-37BA-4169-9C91-3BD5E28694F1", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "4FFFB01B-1B4F-4072-A68C-98C538DE34ED", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr2:p1:*:*:*:*:*:*", "matchCriteriaId": "47B6F991-49EC-444F-8883-A57C37E8BA29", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:*:*:*:*:*:*:*", "matchCriteriaId": "9309C030-2F02-4E7E-B3E3-035B93DD1E0A", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.6_mr3:p1:*:*:*:*:*:*", "matchCriteriaId": "A58843EB-A2C0-4034-967F-502A52DCC351", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:cisco:webex_meetings_server:2.7_base:*:*:*:*:*:*:*", "matchCriteriaId": "30ECA8FE-D587-4692-AA90-9706E44BAC1D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:*:*:*:*:*:*:*", "matchCriteriaId": "6DCD22A8-7E04-4782-AEB2-07878925A2AF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr1:p1:*:*:*:*:*:*", "matchCriteriaId": "FF7208EC-0255-462E-B5DE-9D5617D8C20D", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meetings_server:2.7_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "396253A5-EC5F-429B-ABF3-20CB0A56E658", "vulnerable": true } ], "negate": false, "operator": "OR" } ] }, { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_base:*:*:*:*:*:*:*", "matchCriteriaId": "6589E647-4E17-44A9-A6C6-483C541E4095", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr1:*:*:*:*:*:*:*", "matchCriteriaId": "6AFFA393-E70D-41C2-BB2D-147F8A6DFBBA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr1:p1:*:*:*:*:*:*", "matchCriteriaId": "815D810A-003F-4D8F-B368-CC28152E60B9", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "28D63C8E-4EDE-4CAF-B7F6-9CB46AFE0664", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr2:p1:*:*:*:*:*:*", "matchCriteriaId": "A5F8D5F3-ED67-469D-BBCE-A7669BF85755", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr3:*:*:*:*:*:*:*", "matchCriteriaId": "85B536C7-3E9A-4862-9714-3BCA1A8C6815", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.6_mr3:p1:*:*:*:*:*:*", "matchCriteriaId": "56639D86-F53E-4334-A67C-D9DB2D5713E4", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.7_base:*:*:*:*:*:*:*", "matchCriteriaId": "7288021F-83C7-49FC-9CC3-CC4B3877C412", "vulnerable": true }, { "criteria": 
"cpe:2.3:a:cisco:webex_meeting_center:2.7_mr1:*:*:*:*:*:*:*", "matchCriteriaId": "0F99CC51-B1B2-4E1A-ACA6-766EE5907139", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.7_mr1:p1:*:*:*:*:*:*", "matchCriteriaId": "031E633D-2FED-4874-8D7D-4275875078FA", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:2.7_mr2:*:*:*:*:*:*:*", "matchCriteriaId": "992973F3-E460-4AF5-B1BA-48CC61B87FCF", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:t29_base:*:*:*:*:*:*:*", "matchCriteriaId": "D792EF72-4866-4DD9-AE59-468E49C7E31F", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:t30_base:*:*:*:*:*:*:*", "matchCriteriaId": "1515E161-06AE-4A77-BA55-B04E0ECF05B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:cisco:webex_meeting_center:t31_base:*:*:*:*:*:*:*", "matchCriteriaId": "77A34A56-995C-456D-9F66-2D4510A8746A", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server and Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center) when they are running on Microsoft Windows. The vulnerability is a design defect in an application programing interface (API) response parser within the extension. 
An attacker that can convince an affected user to visit an attacker-controlled web page or follow an attacker-supplied link with an affected browser could exploit the vulnerability. If successful, the attacker could execute arbitrary code with the privileges of the affected browser." }, { "lang": "es", "value": "Se descubri\u00f3 un problema en Cisco WebEx Extension en versiones anteriores a 1.0.7 en Google Chrome, el ActiveTouch General Plugin Container en versiones anteriores a 106 en Mozilla Firefox, el plugin de control ActiveX GpcContainer Class en versiones anteriores a 10031.6.2017.0126 en Internet Explorer y el plugin de control ActiveX Download Manager en versiones anteriores a 2.1.0.10 en Internet Explorer. Una vulnerabilidad en estas extensiones del navegador Cisco WebEx podr\u00eda permitir a un atacante remoto no autenticado ejecutar c\u00f3digo arbitrario con los privilegios del navegador afectado en el sistema afectado. Esta vulnerabilidad afecta a las extensiones del navegador para Cisco WebEx Meetings Server y Cisco WebEx Centers (Meeting Center, Event Center, Training Center, y Support Center) cuando se ejecutan en Microsoft Windows. La vulnerabilidad es un defecto de dise\u00f1o del int\u00e9rprete de respuesta de una interfaz de programaci\u00f3n de aplicaciones (API) dentro de la extensi\u00f3n. Un atacante que pueda convencer al usuario afectado para visitar una p\u00e1gina web controlada por un atacante o a pulsar un enlace proporcionado por un atacante con un navegador afectado puede explotar la vulnerabilidad. Si tiene \u00e9xito, el atacante puede ejecutar c\u00f3digo arbitrario con los privilegios del navegador afectado." 
} ], "id": "CVE-2017-3823", "lastModified": "2024-11-21T03:26:11.147", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ], "cvssMetricV30": [ { "cvssData": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary" } ] }, "published": "2017-02-01T11:59:00.133", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/95737" }, { "source": "ykramarz@cisco.com", "url": "http://www.securitytracker.com/id/1037680" }, { "source": "ykramarz@cisco.com", "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "source": "ykramarz@cisco.com", "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "source": "ykramarz@cisco.com", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "source": "ykramarz@cisco.com", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" }, { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": 
"https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex" }, { "source": "ykramarz@cisco.com", "url": "https://www.kb.cert.org/vuls/id/909240" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://www.securityfocus.com/bid/95737" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id/1037680" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://0patch.blogspot.com/2017/01/micropatching-remote-code-execution-in.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://blog.filippo.io/webex-extension-vulnerability/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Technical Description", "Third Party Advisory" ], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1096" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1100" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170124-webex" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.kb.cert.org/vuls/id/909240" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "ykramarz@cisco.com", "type": "Secondary" }, { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
| Source | URL | Tags |
|---|---|---|
| ykramarz@cisco.com | http://secunia.com/advisories/51412 | Vendor Advisory |
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/51412 | Vendor Advisory |
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex:4.1:-:*:*:*:iphone_os:*:*", "matchCriteriaId": "4D712188-904F-4E96-8F0F-D1795AC2D976", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176." }, { "lang": "es", "value": "Cisco WebEx v4.1 en iOS no comprueba que el nombre del servidor coincida con el nombre de dominio en el Common Name (CN) del certificado o el campo subjectAltName del certificado X.509, permitiendo ataques man-in-the-middle para falsificar servidores SSL mediante un certificado v\u00e1lido de su elecci\u00f3n, tambi\u00e9n conocido como Bug ID CSCud94176." } ], "id": "CVE-2012-6399", "lastModified": "2024-11-21T01:46:05.410", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2013-05-27T14:55:01.037", "references": [ { "source": "ykramarz@cisco.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51412" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/51412" } ], "sourceIdentifier": "ykramarz@cisco.com", "vulnStatus": 
"Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-20" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }