Skip to main content

Webex Recording Format Player CVE-2013-1119

CRITICAL
Buffer Overflow (CWE-119)
2013-09-06 psirt@cisco.com
9.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Sep 06, 2013 - 11:15 cve.org
CRITICAL 9.3

DescriptionCVE.org

Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503.

AnalysisAI

Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503. Affected products include: Cisco Webex Recording Format Player.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-1337 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-3940 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3938 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3937 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-3936 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2012-1336 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-1335 CRITICAL
9.3 Apr 05

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27

CVE-2012-3941 CRITICAL
9.3 Oct 25

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4

CVE-2012-3939 CRITICAL
9.3 Oct 25

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows rem

CVE-2014-2136 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

CVE-2014-2135 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

CVE-2014-2133 CRITICAL
9.3 May 08

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo

Share

CVE-2013-1119 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy