Skip to main content

Webex Recording Format Player CVE-2012-3941

CRITICAL
Buffer Overflow (CWE-119)
2012-10-25 psirt@cisco.com
9.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Oct 25, 2012 - 14:55 cve.org
CRITICAL 9.3

DescriptionCVE.org

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.

AnalysisAI

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850. Affected products include: Cisco Webex Recording Format Player.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-1337 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-3940 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3938 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3937 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3936 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-1336 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-1335 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-3939 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2014-2136 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

CVE-2014-2135 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

CVE-2014-2133 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

CVE-2012-3057 CRITICAL
9.3 Jun 29

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21

Share

CVE-2012-3941 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy