All the vulnerabilites related to cisco - webex_recording_format_player
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:05
Severity ?
Summary
Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | |
| cisco | webex_advanced_recording_format_player | t28 | |
| cisco | webex_advanced_recording_format_player | t29 | |
| cisco | webex_recording_format_player | t27ld | |
| cisco | webex_recording_format_player | t28 | |
| cisco | webex_recording_format_player | t29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458."
},
{
"lang": "es",
"value": "Desbordamiento de buffer basado en memoria din\u00e1mica en Cisco WebEx Recording Format (WRF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un canal de audio en un archivo .wrf, tambi\u00e9n conocido como Bug ID CSCuc39458."
}
],
"id": "CVE-2014-2134",
"lastModified": "2024-11-21T02:05:43.060",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:03.950",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 14:55
Modified
2024-11-21 01:40
Severity ?
Summary
Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF539D-4FF5-4536-9AE0-0522DA72A6BB",
"versionEndExcluding": "27.25.11",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2CE94F-7C92-4B1B-A6E4-4B81A5DDF6CC",
"versionEndExcluding": "27.32.2",
"versionStartIncluding": "27.32.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE36A104-4083-4973-8F89-B92B8D85688C",
"versionEndExcluding": "28.0.1",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953."
},
{
"lang": "es",
"value": "Desbordamiento de buffer de memoria de pila en el reproductor Cisco WebEx Recording Format (WRF) T27 L hasta la SP11 EP26, T27 LB hasta la SP21 EP10, T27 LC anteriores a SP25 EP11, T27 LD anteriores a SP32 CP2 y T28 L10N anteriores a SP1. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un \"chunk\" DHT modificado en una imagen dentro de un archivo WRF. TAmbi\u00e9n conocido como Bug ID CSCtz72953."
}
],
"id": "CVE-2012-3055",
"lastModified": "2024-11-21T01:40:10.643",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-06-29T14:55:01.093",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-02 23:00
Modified
2024-11-21 01:18
Severity ?
Summary
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26.49 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.11.0.3328 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 | |
| cisco | webex_advanced_recording_format_player | 26.49 | |
| cisco | webex_advanced_recording_format_player | 27.10 | |
| cisco | webex_advanced_recording_format_player | 27.11.0.3328 | |
| cisco | webex_advanced_recording_format_player | 27.12 | |
| cisco | webex_advanced_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "BA595A90-DF5A-406C-ABF3-B1A77C558A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "176F29FD-9938-4D62-90EF-B7EEEA345B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69005-589F-48AD-8E47-14515D3B821D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D7993427-15B5-453E-B119-5D813AB7D679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "722F62C7-106D-453A-8E1C-A7F6B495D77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BAD3E5-99DA-4075-B081-4C79093A5975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC3D3B-6D9A-4C08-9E98-08215071C64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en Cisco WebEx Recording Format (WRF) y Advanced Recording Format (ARF) Players T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de ficheros (1) .wrf o (2) .arf manipulados, relacionado con el uso de la funci\u00f3n pointer en un mecanismo de retorno de llamada."
}
],
"id": "CVE-2010-3269",
"lastModified": "2024-11-21T01:18:24.307",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-02-02T23:00:31.957",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1025015"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0261"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2011/0261"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el reproductor Cisco WebEx Recording Format (WRF) T27 anteriores a LD SP32 EP10 y T28 anterior a T28.4, permite a atacantes remotos ejecutar c\u00f3digo o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trv\u00e9s de un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCtz72967."
}
],
"id": "CVE-2012-3937",
"lastModified": "2024-11-21T01:41:49.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:03.607",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86142"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en memoria din\u00e1mica en Cisco WebEx Recording Format (WRF) player T27 anteiores a LD SP32 EP10 y T28 anteriores a T28.4 ,permite a atacantes remotos causar una denegaci\u00f3n de servicio (cuelgue) o ejecutar c\u00f3digo arbitrario a trav\u00e9s de un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCtz72850."
}
],
"id": "CVE-2012-3941",
"lastModified": "2024-11-21T01:41:50.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:03.813",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86140"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86140"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el reproductor Cisco WebEx Recording Format (WRF) T27 anteriores a LD SP32 EP10 y T28 anterior a T28.4, permite a atacantes remotos ejecutar c\u00f3digo o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trv\u00e9s de un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCua61331."
}
],
"id": "CVE-2012-3939",
"lastModified": "2024-11-21T01:41:50.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:03.717",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86138"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86138"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el reproductor Cisco WebEx Recording Format (WRF) T27 anteriores a LD SP32 EP10 y T28 anterior a T28.4, permite a atacantes remotos ejecutar c\u00f3digo de su mediante un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCtz72958."
}
],
"id": "CVE-2012-3940",
"lastModified": "2024-11-21T01:41:50.127",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:03.767",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86139"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86139"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-27 21:55
Modified
2024-11-21 01:31
Severity ?
Summary
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26 | |
| cisco | webex_recording_format_player | 27 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26:*:*:*:*:*:*:*",
"matchCriteriaId": "89A7EC6D-EFF7-494D-BBF7-787464A2858B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27:*:*:*:*:*:*:*",
"matchCriteriaId": "8F949C6D-8074-444B-986E-63F06F9A05A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funcionalidad de procesamiento de ATAS32 en Cisco WebEx Recording Format (WRF) T26 player anterior a EP40 SP49 y SP28 anterior a T27 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo modificado WRF."
}
],
"id": "CVE-2011-4004",
"lastModified": "2024-11-21T01:31:41.710",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-27T21:55:01.107",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 14:55
Modified
2024-11-21 01:40
Severity ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF539D-4FF5-4536-9AE0-0522DA72A6BB",
"versionEndExcluding": "27.25.11",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2CE94F-7C92-4B1B-A6E4-4B81A5DDF6CC",
"versionEndExcluding": "27.32.2",
"versionStartIncluding": "27.32.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE36A104-4083-4973-8F89-B92B8D85688C",
"versionEndExcluding": "28.0.1",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977."
},
{
"lang": "es",
"value": "Desbordamiento de buffer de memoria din\u00e1mica en el reproductor Cisco WebEx Recording Format (WRF) T27 L hasta la SP11 EP26, T27 LB hasta la SP21 EP10, T27 LC anteriores a SP25 EP11, T27 LD anteriores a SP32 CP2 y T28 L10N anteriores a SP1. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de un archivo WRF modificado. Tambi\u00e9n conocido como Bug ID CSCtz72977."
}
],
"id": "CVE-2012-3054",
"lastModified": "2024-11-21T01:40:10.527",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-06-29T14:55:01.063",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-02 23:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26.49 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.11.0.3328 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 | |
| cisco | webex_advanced_recording_format_player | 26.49 | |
| cisco | webex_advanced_recording_format_player | 27.10 | |
| cisco | webex_advanced_recording_format_player | 27.11.0.3328 | |
| cisco | webex_advanced_recording_format_player | 27.12 | |
| cisco | webex_advanced_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "BA595A90-DF5A-406C-ABF3-B1A77C558A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "176F29FD-9938-4D62-90EF-B7EEEA345B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69005-589F-48AD-8E47-14515D3B821D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D7993427-15B5-453E-B119-5D813AB7D679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "722F62C7-106D-453A-8E1C-A7F6B495D77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BAD3E5-99DA-4075-B081-4C79093A5975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC3D3B-6D9A-4C08-9E98-08215071C64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en los Reproductores WebEx Recording Format (WRF) y Advanced Recording Format (ARF) de Cisco Build T27LB anterior a SP21 EP3 y Build T27LC anterior a SP22, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario por medio de un archivo especialmente dise\u00f1ado (1) .wrf o (2) .arf, relacionado con la biblioteca atas32.dll, una vulnerabilidad diferente de CVE-2010-3041, CVE-2010-3042 y CVE-2010-3043."
}
],
"id": "CVE-2010-3044",
"lastModified": "2024-11-21T01:17:55.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-02-02T23:00:31.393",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-05 13:25
Modified
2024-11-21 01:36
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id?1026888 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026888 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73A49503-6652-43A1-B6F2-08887E8B8E8D",
"versionEndExcluding": "27.25.10",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28D95B24-C94B-4D50-9193-A4FF0858EA41",
"versionEndExcluding": "27.32.1",
"versionStartIncluding": "27.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337."
},
{
"lang": "es",
"value": "Desbordamiento de bufer en Cisco WebEx Recording Format (WRF) player vT27 L hasta vSP11 vEP26, vT27 LB hasta vSP21 vEP10, vT27 LC anteriores a vSP25 vEP10, and vT27 LD anteriores a vSP32 CP1 permiten a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero WRF modificado, es una vulnerabilidad diferente a CVE-2012-1335 y CVE-2012-1337."
}
],
"id": "CVE-2012-1336",
"lastModified": "2024-11-21T01:36:49.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-04-05T13:25:16.210",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 14:55
Modified
2024-11-21 01:40
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF539D-4FF5-4536-9AE0-0522DA72A6BB",
"versionEndExcluding": "27.25.11",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2CE94F-7C92-4B1B-A6E4-4B81A5DDF6CC",
"versionEndExcluding": "27.32.2",
"versionStartIncluding": "27.32.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE36A104-4083-4973-8F89-B92B8D85688C",
"versionEndExcluding": "28.0.1",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en el reproductor Cisco WebEx Recording Format (WRF) T27 L hasta SP11 EP26, T27 LB hasta SP21 EP10, T27 LC anteriores a SP25 EP11, T27 LD anteriores a SP32 CP2 y T28 L10N anteriores a SP1. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un archivo WRF. Tambi\u00e9n conocido como Bug ID CSCtz72946."
}
],
"id": "CVE-2012-3056",
"lastModified": "2024-11-21T01:40:10.753",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T14:55:01.140",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el reproductor Cisco WebEx Recording Format (WRF) T27 anteriores a LD SP32 EP10 y T28 anterior a T28.4, permite a atacantes remotos ejecutar c\u00f3digo o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trv\u00e9s de un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCua40962."
}
],
"id": "CVE-2012-3936",
"lastModified": "2024-11-21T01:41:49.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:01.327",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86141"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-10-27 21:55
Modified
2024-11-21 01:30
Severity ?
Summary
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26 | |
| cisco | webex_recording_format_player | 27 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26:*:*:*:*:*:*:*",
"matchCriteriaId": "89A7EC6D-EFF7-494D-BBF7-787464A2858B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27:*:*:*:*:*:*:*",
"matchCriteriaId": "8F949C6D-8074-444B-986E-63F06F9A05A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en la funcionalidad de parseo WRF en Cisco WebEx Recording Format (WRF) player T26 anterior a SP49 EP40 y T27 anterior a SP28, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un fichero WRF manipulado."
}
],
"id": "CVE-2011-3319",
"lastModified": "2024-11-21T01:30:15.253",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-10-27T21:55:01.057",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-06-29 14:55
Modified
2024-11-21 01:40
Severity ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "23CF539D-4FF5-4536-9AE0-0522DA72A6BB",
"versionEndExcluding": "27.25.11",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DC2CE94F-7C92-4B1B-A6E4-4B81A5DDF6CC",
"versionEndExcluding": "27.32.2",
"versionStartIncluding": "27.32.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CE36A104-4083-4973-8F89-B92B8D85688C",
"versionEndExcluding": "28.0.1",
"versionStartIncluding": "28.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755."
},
{
"lang": "es",
"value": "Desbordamiento de buffer de memoria din\u00e1mica en el reproductor Cisco WebEx Recording Format (WRF) T27 L hasta SP11 EP26, T27 LB hasta SP21 EP10, T27 LC anteriores a SP25 EP11, T27 LD anteriores a SP32 CP2, y T28 L10N anteriores a SP1. Permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de campo de tama\u00f1o modificado en datos de audio de un archivo WRF. TAmbi\u00e9n conocido como Bug ID CSCtz00755."
}
],
"id": "CVE-2012-3057",
"lastModified": "2024-11-21T01:40:10.873",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-06-29T14:55:01.173",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:05
Severity ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | |
| cisco | webex_advanced_recording_format_player | t28 | |
| cisco | webex_advanced_recording_format_player | t29 | |
| cisco | webex_recording_format_player | t27ld | |
| cisco | webex_recording_format_player | t28 | |
| cisco | webex_recording_format_player | t29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Cisco Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo .arf manipulado que provoca descompresi\u00f3n LZW indebida, tambi\u00e9n conocido como Bug ID CSCuj87565."
}
],
"id": "CVE-2014-2133",
"lastModified": "2024-11-21T02:05:42.947",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:03.857",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-05 13:25
Modified
2024-11-21 01:36
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73A49503-6652-43A1-B6F2-08887E8B8E8D",
"versionEndExcluding": "27.25.10",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28D95B24-C94B-4D50-9193-A4FF0858EA41",
"versionEndExcluding": "27.32.1",
"versionStartIncluding": "27.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336."
},
{
"lang": "es",
"value": "Desbordamiento de bufer en Cisco WebEx Recording Format (WRF) player vT27 L y versiones vSP11 EP26, vT27 LB hasta vSP21 vEP10, vT27 LC anteriores a vSP25 vEP10, y vT27 LD anteriores a vSP32 CP1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero WRF modificado, es una vulneravilidad diferente a CVE-2012-1335 y CVE-2012-1336."
}
],
"id": "CVE-2012-1337",
"lastModified": "2024-11-21T01:36:49.850",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-05T13:25:16.240",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74606"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-02 23:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26.49 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.11.0.3328 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 | |
| cisco | webex_advanced_recording_format_player | 26.49 | |
| cisco | webex_advanced_recording_format_player | 27.10 | |
| cisco | webex_advanced_recording_format_player | 27.11.0.3328 | |
| cisco | webex_advanced_recording_format_player | 27.12 | |
| cisco | webex_advanced_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "BA595A90-DF5A-406C-ABF3-B1A77C558A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "176F29FD-9938-4D62-90EF-B7EEEA345B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69005-589F-48AD-8E47-14515D3B821D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D7993427-15B5-453E-B119-5D813AB7D679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "722F62C7-106D-453A-8E1C-A7F6B495D77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BAD3E5-99DA-4075-B081-4C79093A5975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC3D3B-6D9A-4C08-9E98-08215071C64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Cisco WebEx Recording Format (WRF) y Advanced Recording Format (ARF) Players T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n mediante ficheros (1) .wrf or (2) .arf manipulados, es una vulnerabilidad distinta a CVE-2010-3041, CVE-2010-3043, y CVE-2010-3044."
}
],
"id": "CVE-2010-3042",
"lastModified": "2024-11-21T01:17:55.773",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-02-02T23:00:31.050",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:05
Severity ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | |
| cisco | webex_advanced_recording_format_player | t28 | |
| cisco | webex_advanced_recording_format_player | t29 | |
| cisco | webex_recording_format_player | t27ld | |
| cisco | webex_recording_format_player | t28 | |
| cisco | webex_recording_format_player | t29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Cisco Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo .arf manipulado, tambi\u00e9n conocido como Bug IDs CSCui72223, CSCul01163 y CSCul01166."
}
],
"id": "CVE-2014-2136",
"lastModified": "2024-11-21T02:05:43.287",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:04.153",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-02 23:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26.49 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.11.0.3328 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 | |
| cisco | webex_advanced_recording_format_player | 26.49 | |
| cisco | webex_advanced_recording_format_player | 27.10 | |
| cisco | webex_advanced_recording_format_player | 27.11.0.3328 | |
| cisco | webex_advanced_recording_format_player | 27.12 | |
| cisco | webex_advanced_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "BA595A90-DF5A-406C-ABF3-B1A77C558A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "176F29FD-9938-4D62-90EF-B7EEEA345B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69005-589F-48AD-8E47-14515D3B821D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D7993427-15B5-453E-B119-5D813AB7D679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "722F62C7-106D-453A-8E1C-A7F6B495D77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BAD3E5-99DA-4075-B081-4C79093A5975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC3D3B-6D9A-4C08-9E98-08215071C64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Cisco WebEx Recording Format (WRF) y Advanced Recording Format (ARF) Players T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de la aplicaci\u00f3n) o ejecutar c\u00f3digo de su elecci\u00f3n mediante ficheros (1) .wrf or (2) .arf manipulados, es una vulnerabilidad distinta a CVE-2010-3041, CVE-2010-3042, y CVE-2010-3044."
}
],
"id": "CVE-2010-3043",
"lastModified": "2024-11-21T01:17:55.880",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-02-02T23:00:31.223",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:05
Severity ?
Summary
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | |
| cisco | webex_advanced_recording_format_player | t28 | |
| cisco | webex_advanced_recording_format_player | t29 | |
| cisco | webex_recording_format_player | t27ld | |
| cisco | webex_recording_format_player | t28 | |
| cisco | webex_recording_format_player | t29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
},
{
"lang": "es",
"value": "Cisco WebEx Recording Format (WRF) Player y Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo (1) .wrf o (2) .arf manipulado que provoca una sobrelectura de buffer, tambi\u00e9n conocido como Bug ID CSCuh52768."
}
],
"id": "CVE-2014-2132",
"lastModified": "2024-11-21T02:05:42.840",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-05-08T10:55:03.700",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-06 11:15
Modified
2024-11-21 01:48
Severity ?
Summary
Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 27.32.10 | |
| cisco | webex_recording_format_player | 28.0.0 | |
| cisco | webex_recording_format_player | 28.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E18C8BBC-2F85-4CD9-B53E-FAF5EB7E8DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F90857A-4881-44E4-A547-809B862E3FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el manejador de excepciones en Cisco WebEx Recording Format (WRF) player T27 LD anterior a SP32 EP16, T27 L10N anterior a SP32_ORION111, y T28 anterior a T28.8 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un fichero WRF manipulado. Aka Bug ID CSCuc27639."
}
],
"id": "CVE-2013-1117",
"lastModified": "2024-11-21T01:48:56.350",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-09-06T11:15:37.173",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-06 11:15
Modified
2024-11-21 01:48
Severity ?
Summary
Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 27.32.10 | |
| cisco | webex_recording_format_player | 28.0.0 | |
| cisco | webex_recording_format_player | 28.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E18C8BBC-2F85-4CD9-B53E-FAF5EB7E8DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F90857A-4881-44E4-A547-809B862E3FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Cisco WebEx Recording Format (WRF) player T27 LD (anteriores a SP32 EP16), T27 L10N (anteriores a SP32_ORION111), y T28 (anteriores a T28.8) permiten a un atacante remoto ejecutar c\u00f3digo a discrecci\u00f3n o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trav\u00e9s de un valor de \u00edndice DHT manipulado en los datos JPEG de un archivo WRF, tambien conocido como Bud ID CSCuc24503."
}
],
"id": "CVE-2013-1119",
"lastModified": "2024-11-21T01:48:56.570",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-09-06T11:15:37.207",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2014-05-08 10:55
Modified
2024-11-21 02:05
Severity ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | |
| cisco | webex_advanced_recording_format_player | t28 | |
| cisco | webex_advanced_recording_format_player | t29 | |
| cisco | webex_recording_format_player | t27ld | |
| cisco | webex_recording_format_player | t28 | |
| cisco | webex_recording_format_player | t29 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
"matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
"matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603."
},
{
"lang": "es",
"value": "Desbordamiento de buffer en Cisco Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo .arf manipulado, tambi\u00e9n conocido como Bug IDs CSCul87216 y CSCuj07603."
}
],
"id": "CVE-2014-2135",
"lastModified": "2024-11-21T02:05:43.177",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-05-08T10:55:04.073",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-10-25 14:55
Modified
2024-11-21 01:41
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 28.0.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en el reproductor Cisco WebEx Recording Format (WRF) T27 anteriores a LD SP32 EP10 y T28 anterior a T28.4, permite a atacantes remotos ejecutar c\u00f3digo o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) a trv\u00e9s de un fichero WRF manipulado, tambi\u00e9n conocido como Bug ID CSCtz73583."
}
],
"id": "CVE-2012-3938",
"lastModified": "2024-11-21T01:41:49.900",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-10-25T14:55:03.670",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/86143"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/86143"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1027639"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2013-09-06 11:15
Modified
2024-11-21 01:48
Severity ?
Summary
Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 27.11.26 | |
| cisco | webex_recording_format_player | 27.21.10 | |
| cisco | webex_recording_format_player | 27.25.10 | |
| cisco | webex_recording_format_player | 27.32.1 | |
| cisco | webex_recording_format_player | 27.32.10 | |
| cisco | webex_recording_format_player | 28.0.0 | |
| cisco | webex_recording_format_player | 28.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*",
"matchCriteriaId": "5EB4D705-80E2-4502-983E-03F2D240D8BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*",
"matchCriteriaId": "DDE5BFC1-9CF2-4C31-BEAF-70E0DCF5E5FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4F541D65-1266-4CB4-BC4B-7EE5FF582E17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*",
"matchCriteriaId": "A98020AB-0BBB-4BE8-AAE3-DC86E42D3547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.32.10:*:*:*:*:*:*:*",
"matchCriteriaId": "E18C8BBC-2F85-4CD9-B53E-FAF5EB7E8DC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "032D67A1-FE20-44D7-BC33-BE6316A7E15A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:28.4:*:*:*:*:*:*:*",
"matchCriteriaId": "3F90857A-4881-44E4-A547-809B862E3FAA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645."
},
{
"lang": "es",
"value": "Desbordamiento de pila en Cisco WebEx Recording Format (WRF) player T27 LD (anteriores a SP32 EP16), T27 L10N (anteriores a SP32_ORION111), y T28 (anteriores a T28.8) permiten a un atacante remoto ejecutar c\u00f3digo a discrecci\u00f3n a trav\u00e9s de un archivo WRF manipulado, tambien conocido como Bug ID CSCuc27645."
}
],
"id": "CVE-2013-1118",
"lastModified": "2024-11-21T01:48:56.460",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2013-09-06T11:15:37.187",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-04-05 13:25
Modified
2024-11-21 01:36
Severity ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1336 and CVE-2012-1337.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| ykramarz@cisco.com | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | Vendor Advisory | |
| ykramarz@cisco.com | http://www.securitytracker.com/id?1026888 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id?1026888 | Third Party Advisory, VDB Entry |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * | |
| cisco | webex_recording_format_player | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27",
"versionEndIncluding": "27.11.26",
"versionStartIncluding": "27.11.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65",
"versionEndIncluding": "27.21.10",
"versionStartIncluding": "27.21.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73A49503-6652-43A1-B6F2-08887E8B8E8D",
"versionEndExcluding": "27.25.10",
"versionStartIncluding": "27.25.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*",
"matchCriteriaId": "28D95B24-C94B-4D50-9193-A4FF0858EA41",
"versionEndExcluding": "27.32.1",
"versionStartIncluding": "27.32.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1336 and CVE-2012-1337."
},
{
"lang": "es",
"value": "Desbordamiento de bufer en Cisco WebEx Recording Format (WRF) player vT27 L hasta vSP11 vEP26, vT27 LB hasta vSP21 vEP10, vT27 LC anteriores a vSP25 vEP10, y vT27 LD anteriores a vSP32 CP1 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero WRF modificado, es una vulnerabilidad diferente de CVE-2012-1336 and CVE-2012-1337."
}
],
"id": "CVE-2012-1335",
"lastModified": "2024-11-21T01:36:49.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-04-05T13:25:16.163",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-02-02 23:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | webex_recording_format_player | 26.49 | |
| cisco | webex_recording_format_player | 27.10 | |
| cisco | webex_recording_format_player | 27.11.0.3328 | |
| cisco | webex_recording_format_player | 27.12 | |
| cisco | webex_recording_format_player | 27.13 | |
| cisco | webex_advanced_recording_format_player | 26.49 | |
| cisco | webex_advanced_recording_format_player | 27.10 | |
| cisco | webex_advanced_recording_format_player | 27.11.0.3328 | |
| cisco | webex_advanced_recording_format_player | 27.12 | |
| cisco | webex_advanced_recording_format_player | 27.13 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "BA595A90-DF5A-406C-ABF3-B1A77C558A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "176F29FD-9938-4D62-90EF-B7EEEA345B0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:26.49:*:*:*:*:*:*:*",
"matchCriteriaId": "34E69005-589F-48AD-8E47-14515D3B821D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.10:*:*:*:*:*:*:*",
"matchCriteriaId": "D7993427-15B5-453E-B119-5D813AB7D679",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.11.0.3328:*:*:*:*:*:*:*",
"matchCriteriaId": "722F62C7-106D-453A-8E1C-A7F6B495D77F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.12:*:*:*:*:*:*:*",
"matchCriteriaId": "A7BAD3E5-99DA-4075-B081-4C79093A5975",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:27.13:*:*:*:*:*:*:*",
"matchCriteriaId": "40FC3D3B-6D9A-4C08-9E98-08215071C64C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en los Reproductores WebEx Recording Format (WRF) y Advanced Recording Format (ARF) de Cisco Build T27LB anterior a SP21 EP3 y Build T27LC anterior a SP22, permite a los atacantes remotos causar una denegaci\u00f3n de servicio (bloqueo de aplicaci\u00f3n) o posiblemente ejecutar c\u00f3digo arbitrario por medio de un archivo especialmente dise\u00f1ado (1) .wrf o (2) .arf, relacionado con la biblioteca atas32.dll, una vulnerabilidad diferente de CVE-2010-3042, CVE-2010-3043 y CVE-2010-3044."
}
],
"id": "CVE-2010-3041",
"lastModified": "2024-11-21T01:17:55.677",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-02-02T23:00:02.940",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "ykramarz@cisco.com",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1025016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2010-3043
Vulnerability from cvelistv5
Published
2011-02-02 22:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65074 | vdb-entry, x_refsource_XF | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46075 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1025016 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.695Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-wrf-bo(65074)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-wrf-bo(65074)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3044."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-wrf-bo(65074)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65074"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3043",
"datePublished": "2011-02-02T22:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3939
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/86138 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "86138",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86138"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "86138",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86138"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3939",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "86138",
"refsource": "OSVDB",
"url": "http://osvdb.org/86138"
},
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3939",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1119
Vulnerability from cvelistv5
Published
2013-09-06 10:00
Modified
2024-09-16 23:56
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.657Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-06T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1119",
"datePublished": "2013-09-06T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-16T23:56:34.687Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1117
Vulnerability from cvelistv5
Published
2013-09-06 10:00
Modified
2024-09-17 02:41
Severity ?
EPSS score ?
Summary
Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.805Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-06T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1117",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1117",
"datePublished": "2013-09-06T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T02:41:47.131Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3941
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/86140 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.046Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "86140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86140"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "86140",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86140"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "86140",
"refsource": "OSVDB",
"url": "http://osvdb.org/86140"
},
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3941",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.046Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2135
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:06
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:06:00.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2135",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2135",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:06:00.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3938
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/86143 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.244Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "86143",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86143"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "86143",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86143"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3938",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "86143",
"refsource": "OSVDB",
"url": "http://osvdb.org/86143"
},
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3938",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.244Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3044
Vulnerability from cvelistv5
Published
2011-02-02 22:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65075 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.fortiguard.com/advisory/FGA-2011-03.html | x_refsource_MISC | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46075 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1025016 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-wrf-arf-bo(65075)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-wrf-arf-bo(65075)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3044",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3041, CVE-2010-3042, and CVE-2010-3043."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-wrf-arf-bo(65075)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65075"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2011-03.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3044",
"datePublished": "2011-02-02T22:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1337
Vulnerability from cvelistv5
Published
2012-04-04 21:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/74606 | vdb-entry, x_refsource_XF | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1026888 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.170Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "webex-wrffile-bo(74606)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74606"
},
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "webex-wrffile-bo(74606)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74606"
},
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1337",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "webex-wrffile-bo(74606)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/74606"
},
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026888"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-1337",
"datePublished": "2012-04-04T21:00:00",
"dateReserved": "2012-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.170Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3041
Vulnerability from cvelistv5
Published
2011-02-02 22:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65072 | vdb-entry, x_refsource_XF | |
| http://www.fortiguard.com/advisory/FGA-2011-03.html | x_refsource_MISC | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46075 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1025016 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.696Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-arf-bo(65072)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-arf-bo(65072)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025016"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3041",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "webex-arf-bo(65072)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65072"
},
{
"name": "http://www.fortiguard.com/advisory/FGA-2011-03.html",
"refsource": "MISC",
"url": "http://www.fortiguard.com/advisory/FGA-2011-03.html"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3041",
"datePublished": "2011-02-02T22:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.696Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-3319
Vulnerability from cvelistv5
Published
2011-10-27 21:00
Modified
2024-09-16 22:36
Severity ?
EPSS score ?
Summary
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:29:56.759Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-27T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-3319",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-3319",
"datePublished": "2011-10-27T21:00:00Z",
"dateReserved": "2011-08-29T00:00:00Z",
"dateUpdated": "2024-09-16T22:36:14.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3042
Vulnerability from cvelistv5
Published
2011-02-02 22:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | vendor-advisory, x_refsource_CISCO | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46075 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1025016 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65073 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.708Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025016"
},
{
"name": "cisco-arf-bo(65073)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025016"
},
{
"name": "cisco-arf-bo(65073)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, a different vulnerability than CVE-2010-3041, CVE-2010-3043, and CVE-2010-3044."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
},
{
"name": "1025016",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025016"
},
{
"name": "cisco-arf-bo(65073)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65073"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3042",
"datePublished": "2011-02-02T22:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4004
Vulnerability from cvelistv5
Published
2011-10-27 21:00
Modified
2024-09-17 02:11
Severity ?
EPSS score ?
Summary
Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:53:32.602Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2011-10-27T21:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-4004",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the ATAS32 processing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20111026 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-4004",
"datePublished": "2011-10-27T21:00:00Z",
"dateReserved": "2011-10-06T00:00:00Z",
"dateUpdated": "2024-09-17T02:11:41.346Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3940
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/86139 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.220Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "86139",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86139"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "86139",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86139"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "86139",
"refsource": "OSVDB",
"url": "http://osvdb.org/86139"
},
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3940",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.220Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2132
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.493Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2132",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2132",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3269
Vulnerability from cvelistv5
Published
2011-02-02 22:00
Modified
2024-08-07 03:03
Severity ?
EPSS score ?
Summary
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65076 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1025015 | vdb-entry, x_refsource_SECTRACK | |
| http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities | x_refsource_MISC | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/archive/1/516095/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2011/0261 | vdb-entry, x_refsource_VUPEN | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/46075 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:03:18.934Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-webex-recording-bo(65076)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076"
},
{
"name": "1025015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1025015"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "20110131 [CORE-2010-1001] Cisco WebEx .atp and .wrf Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded"
},
{
"name": "ADV-2011-0261",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0261"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46075"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-01-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "cisco-webex-recording-bo(65076)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076"
},
{
"name": "1025015",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1025015"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "20110131 [CORE-2010-1001] Cisco WebEx .atp and .wrf Overflow Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded"
},
{
"name": "ADV-2011-0261",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0261"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46075"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-3269",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-webex-recording-bo(65076)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65076"
},
{
"name": "1025015",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1025015"
},
{
"name": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities",
"refsource": "MISC",
"url": "http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities"
},
{
"name": "20110201 Multiple Cisco WebEx Player Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml"
},
{
"name": "20110131 [CORE-2010-1001] Cisco WebEx .atp and .wrf Overflow Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516095/100/0/threaded"
},
{
"name": "ADV-2011-0261",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0261"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=22016"
},
{
"name": "46075",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46075"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-3269",
"datePublished": "2011-02-02T22:00:00",
"dateReserved": "2010-09-09T00:00:00",
"dateUpdated": "2024-08-07T03:03:18.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3054
Vulnerability from cvelistv5
Published
2012-06-29 14:37
Modified
2024-09-16 19:09
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.387Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T14:37:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3054",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3054",
"datePublished": "2012-06-29T14:37:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:09:55.582Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2134
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.707Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2134",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2134",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1336
Vulnerability from cvelistv5
Published
2012-04-04 21:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1026888 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-20T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1336",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026888"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-1336",
"datePublished": "2012-04-04T21:00:00",
"dateReserved": "2012-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1335
Vulnerability from cvelistv5
Published
2012-04-04 21:00
Modified
2024-08-06 18:53
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1336 and CVE-2012-1337.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1026888 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.175Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-04-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1336 and CVE-2012-1337."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-20T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026888"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-1335",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1336 and CVE-2012-1337."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120404 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex"
},
{
"name": "1026888",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026888"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-1335",
"datePublished": "2012-04-04T21:00:00",
"dateReserved": "2012-02-27T00:00:00",
"dateUpdated": "2024-08-06T18:53:37.175Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2136
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2136",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3936
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/86141 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.042Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "86141",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86141"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "86141",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86141"
},
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3936",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "86141",
"refsource": "OSVDB",
"url": "http://osvdb.org/86141"
},
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3936",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.042Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3056
Vulnerability from cvelistv5
Published
2012-06-29 14:37
Modified
2024-09-16 18:23
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.368Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T14:37:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3056",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3056",
"datePublished": "2012-06-29T14:37:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T18:23:21.841Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3937
Vulnerability from cvelistv5
Published
2012-10-25 14:00
Modified
2024-08-06 20:21
Severity ?
EPSS score ?
Summary
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securitytracker.com/id?1027639 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/55866 | vdb-entry, x_refsource_BID | |
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex | vendor-advisory, x_refsource_CISCO | |
| http://osvdb.org/86142 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:21:04.221Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"name": "86142",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/86142"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-10-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-02T10:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "1027639",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"name": "86142",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/86142"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3937",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1027639",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1027639"
},
{
"name": "55866",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55866"
},
{
"name": "20121010 Multiple Vulnerabilities in the Cisco WebEx Recording Format Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex"
},
{
"name": "86142",
"refsource": "OSVDB",
"url": "http://osvdb.org/86142"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3937",
"datePublished": "2012-10-25T14:00:00",
"dateReserved": "2012-07-10T00:00:00",
"dateUpdated": "2024-08-06T20:21:04.221Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2014-2133
Vulnerability from cvelistv5
Published
2014-05-08 10:00
Modified
2024-08-06 10:05
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:05:59.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-05-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-05-08T07:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2014-2133",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2014-2133",
"datePublished": "2014-05-08T10:00:00",
"dateReserved": "2014-02-25T00:00:00",
"dateUpdated": "2024-08-06T10:05:59.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3057
Vulnerability from cvelistv5
Published
2012-06-29 14:37
Modified
2024-09-16 23:35
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T14:37:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3057",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3057",
"datePublished": "2012-06-29T14:37:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T23:35:51.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2013-1118
Vulnerability from cvelistv5
Published
2013-09-06 10:00
Modified
2024-09-17 03:27
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T14:49:20.691Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-09-06T10:00:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2013-1118",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20130904 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130904-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2013-1118",
"datePublished": "2013-09-06T10:00:00Z",
"dateReserved": "2013-01-11T00:00:00Z",
"dateUpdated": "2024-09-17T03:27:22.714Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-3055
Vulnerability from cvelistv5
Published
2012-06-29 14:37
Modified
2024-09-16 19:14
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T19:50:05.464Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-06-29T14:37:00Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2012-3055",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120627 Buffer Overflow Vulnerabilities in the Cisco WebEx Player",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120627-webex"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2012-3055",
"datePublished": "2012-06-29T14:37:00Z",
"dateReserved": "2012-05-30T00:00:00Z",
"dateUpdated": "2024-09-16T19:14:56.000Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}