cvelistv5 - cve-2014-2132

CVE-2014-2132 (GCVE-0-2014-2132)

Vulnerability from cvelistv5 – Published: 2014-05-08 10:00 – Updated: 2024-08-06 10:05

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

http://tools.cisco.com/security/center/content/Ci…

vendor-advisoryx_refsource_CISCO

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:05:59.493Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-05-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-05-08T07:57:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-2132",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
              "refsource": "CISCO",
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2014-2132",
    "datePublished": "2014-05-08T10:00:00",
    "dateReserved": "2014-02-25T00:00:00",
    "dateUpdated": "2024-08-06T10:05:59.493Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AC0E0061-F1F8-4B1B-8495-A519DF16A60C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C2A45E8-B582-4249-AD81-77D9E02D146A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.\"}, {\"lang\": \"es\", \"value\": \"Cisco WebEx Recording Format (WRF) Player y Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permiten a atacantes remotos causar una denegaci\\u00f3n de servicio (ca\\u00edda de aplicaci\\u00f3n) a trav\\u00e9s de un archivo (1) .wrf o (2) .arf manipulado que provoca una sobrelectura de buffer, tambi\\u00e9n conocido como Bug ID CSCuh52768.\"}]",
      "id": "CVE-2014-2132",
      "lastModified": "2024-11-21T02:05:42.840",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2014-05-08T10:55:03.700",
      "references": "[{\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2132\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2014-05-08T10:55:03.700\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.\"},{\"lang\":\"es\",\"value\":\"Cisco WebEx Recording Format (WRF) Player y Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo (1) .wrf o (2) .arf manipulado que provoca una sobrelectura de buffer, tambi\u00e9n conocido como Bug ID CSCuh52768.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AC0E0061-F1F8-4B1B-8495-A519DF16A60C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C2A45E8-B582-4249-AD81-77D9E02D146A\"}]}]}],\"references\":[{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

GHSA-7854-Q65J-F45F

Vulnerability from github – Published: 2022-05-17 04:44 – Updated: 2022-05-17 04:44

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2014-2132"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-119"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2014-05-08T10:55:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.",
  "id": "GHSA-7854-q65j-f45f",
  "modified": "2022-05-17T04:44:46Z",
  "published": "2022-05-17T04:44:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-2132"
    },
    {
      "type": "WEB",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GSD-2014-2132

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2014-2132

Aliases

CVE-2014-2132

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2014-2132",
    "description": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.",
    "id": "GSD-2014-2132"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2014-2132"
      ],
      "details": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.",
      "id": "GSD-2014-2132",
      "modified": "2023-12-13T01:22:46.640033Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2014-2132",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
            "refsource": "CISCO",
            "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2014-2132"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-119"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players",
              "refsource": "CISCO",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-05-08T13:21Z",
      "publishedDate": "2014-05-08T10:55Z"
    }
  }
}

VAR-201405-0477

Vulnerability from variot - Updated: 2023-12-18 12:30

Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768. Cisco WebEx WRF and ARF Players are prone to a denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. This issue is being tracked by Cisco Bug ID CSCuh52768

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201405-0477",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "webex advanced recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t28"
      },
      {
        "model": "webex recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t27ld"
      },
      {
        "model": "webex recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t29"
      },
      {
        "model": "webex recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t28"
      },
      {
        "model": "webex advanced recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t27ld"
      },
      {
        "model": "webex advanced recording format player",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "t29"
      },
      {
        "model": "webex advanced recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t27 ld thats all  t27 ld sp32 ep16"
      },
      {
        "model": "webex advanced recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t28 thats all  t28.12"
      },
      {
        "model": "webex advanced recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t29 thats all  t29.2"
      },
      {
        "model": "webex recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t27 ld thats all  t27 ld sp32 ep16"
      },
      {
        "model": "webex recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t28 thats all  t28.12"
      },
      {
        "model": "webex recording format player",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "t29 thats all  t29.2"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Fortinet",
    "sources": [
      {
        "db": "BID",
        "id": "67259"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2014-2132",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2014-2132",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-70071",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2014-2132",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201405-155",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-70071",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768. Cisco WebEx WRF and ARF Players are prone to a denial-of-service vulnerability. \nAttackers can exploit this issue to crash the affected application, denying service to legitimate users. \nThis issue is being tracked by Cisco Bug ID CSCuh52768",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "BID",
        "id": "67259"
      },
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      }
    ],
    "trust": 1.98
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2014-2132",
        "trust": 2.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155",
        "trust": 0.7
      },
      {
        "db": "CISCO",
        "id": "20140507 MULTIPLE VULNERABILITIES IN THE CISCO WEBEX RECORDING FORMAT AND ADVANCED RECORDING FORMAT PLAYERS",
        "trust": 0.6
      },
      {
        "db": "BID",
        "id": "67259",
        "trust": 0.4
      },
      {
        "db": "VULHUB",
        "id": "VHN-70071",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "db": "BID",
        "id": "67259"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "id": "VAR-201405-0477",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T12:30:40.861000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20140507-webex",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140507-webex"
      },
      {
        "title": "34029",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/viewalert.x?alertid=34029"
      },
      {
        "title": "cisco-sa-20140507-webex",
        "trust": 0.8,
        "url": "http://www.cisco.com/cisco/web/support/jp/112/1122/1122550_cisco-sa-20140507-webex-j.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.7,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20140507-webex"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-2132"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-2132"
      },
      {
        "trust": 0.3,
        "url": "http://www.webex.com/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "db": "BID",
        "id": "67259"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "db": "BID",
        "id": "67259"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-05-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "date": "2014-05-07T00:00:00",
        "db": "BID",
        "id": "67259"
      },
      {
        "date": "2014-05-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "date": "2014-05-08T10:55:03.700000",
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "date": "2014-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2014-05-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-70071"
      },
      {
        "date": "2014-05-07T00:00:00",
        "db": "BID",
        "id": "67259"
      },
      {
        "date": "2014-05-09T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      },
      {
        "date": "2014-05-08T13:21:48.667000",
        "db": "NVD",
        "id": "CVE-2014-2132"
      },
      {
        "date": "2014-05-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco WebEx Recording Format Player and  Advanced Recording Format Player Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2014-002424"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201405-155"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2014-AVI-216

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Cisco WebEx. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco WebEx 11 versions antérieures à 1.2.10 avec client builds versions antérieures à T28.12
Cisco	N/A	Cisco WebEx Business Suite (WBS28) client builds, versions antérieures à T28.12
Cisco	N/A	Cisco WebEx Meetings Server client builds, versions antérieures à 2.0.0.1677
Cisco	N/A	Cisco WebEx Business Suite (WBS29) client builds, versions antérieures à T29.2
Cisco	N/A	Cisco WebEx Business Suite (WBS27) client builds, versions antérieures à T27LDSP32EP16 (27.32.16)

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20140507-webex du 07 mai 2014	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20140507-webex du 07 mai 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco WebEx 11 versions ant\u00e9rieures \u00e0 1.2.10 avec client builds versions ant\u00e9rieures \u00e0 T28.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS28) client builds, versions ant\u00e9rieures \u00e0 T28.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Meetings Server client builds, versions ant\u00e9rieures \u00e0 2.0.0.1677",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS29) client builds, versions ant\u00e9rieures \u00e0 T29.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS27) client builds, versions ant\u00e9rieures \u00e0 T27LDSP32EP16 (27.32.16)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-2136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2136"
    },
    {
      "name": "CVE-2014-2135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2135"
    },
    {
      "name": "CVE-2014-2132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2132"
    },
    {
      "name": "CVE-2014-2133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2133"
    },
    {
      "name": "CVE-2014-2134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2134"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140507-webex du 07    mai 2014",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
    }
  ],
  "reference": "CERTFR-2014-AVI-216",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco WebEx\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco WebEx",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140507-webex du 07 mai 2014",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-216

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Cisco WebEx. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un déni de service à distance.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Cisco	N/A	Cisco WebEx 11 versions antérieures à 1.2.10 avec client builds versions antérieures à T28.12
Cisco	N/A	Cisco WebEx Business Suite (WBS28) client builds, versions antérieures à T28.12
Cisco	N/A	Cisco WebEx Meetings Server client builds, versions antérieures à 2.0.0.1677
Cisco	N/A	Cisco WebEx Business Suite (WBS29) client builds, versions antérieures à T29.2
Cisco	N/A	Cisco WebEx Business Suite (WBS27) client builds, versions antérieures à T27LDSP32EP16 (27.32.16)

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco cisco-sa-20140507-webex du 07 mai 2014	None	vendor-advisory
Bulletin de sécurité Cisco cisco-sa-20140507-webex du 07 mai 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Cisco WebEx 11 versions ant\u00e9rieures \u00e0 1.2.10 avec client builds versions ant\u00e9rieures \u00e0 T28.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS28) client builds, versions ant\u00e9rieures \u00e0 T28.12",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Meetings Server client builds, versions ant\u00e9rieures \u00e0 2.0.0.1677",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS29) client builds, versions ant\u00e9rieures \u00e0 T29.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    },
    {
      "description": "Cisco WebEx Business Suite (WBS27) client builds, versions ant\u00e9rieures \u00e0 T27LDSP32EP16 (27.32.16)",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Cisco",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-2136",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2136"
    },
    {
      "name": "CVE-2014-2135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2135"
    },
    {
      "name": "CVE-2014-2132",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2132"
    },
    {
      "name": "CVE-2014-2133",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2133"
    },
    {
      "name": "CVE-2014-2134",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-2134"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140507-webex du 07    mai 2014",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
    }
  ],
  "reference": "CERTFR-2014-AVI-216",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-05-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eCisco WebEx\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un d\u00e9ni de\nservice \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Cisco WebEx",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco cisco-sa-20140507-webex du 07 mai 2014",
      "url": null
    }
  ]
}

FKIE_CVE-2014-2132

Vulnerability from fkie_nvd - Published: 2014-05-08 10:55 - Updated: 2025-04-12 10:46

Severity ?

Summary

References

	URL	Tags
	psirt@cisco.com	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex	Vendor Advisory
	af854a3a-2127-422b-91ae-364da2661108	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex	Vendor Advisory

Impacted products

Vendor	Product	Version
cisco	webex_advanced_recording_format_player	t27ld
cisco	webex_advanced_recording_format_player	t28
cisco	webex_advanced_recording_format_player	t29
cisco	webex_recording_format_player	t27ld
cisco	webex_recording_format_player	t28
cisco	webex_recording_format_player	t29

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28EF0C1-7BCE-4C50-A3D9-483BC5C30CA2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEBD5AC9-1395-4D2B-ABDE-0C6FBD3635C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*",
              "matchCriteriaId": "754DFFF3-78AB-4B3A-BDAE-5994D2CDFA82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC0E0061-F1F8-4B1B-8495-A519DF16A60C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*",
              "matchCriteriaId": "98E3845B-EE9A-4D0C-8160-F86AE8FE1B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C2A45E8-B582-4249-AD81-77D9E02D146A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768."
    },
    {
      "lang": "es",
      "value": "Cisco WebEx Recording Format (WRF) Player y Advanced Recording Format (ARF) Player T27 LD anterior a SP32 EP16, T28 anterior a T28.12 y T29 anterior a T29.2 permiten a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un archivo (1) .wrf o (2) .arf manipulado que provoca una sobrelectura de buffer, tambi\u00e9n conocido como Bug ID CSCuh52768."
    }
  ],
  "id": "CVE-2014-2132",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-05-08T10:55:03.700",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140507-webex"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2014-2132 (GCVE-0-2014-2132)

GHSA-7854-Q65J-F45F

GSD-2014-2132

VAR-201405-0477

CERTFR-2014-AVI-216

Solution

CERTFR-2014-AVI-216

Solution

FKIE_CVE-2014-2132

Tags

Sightings

Nomenclature