Webex Advanced Recording Format Player
CVE-2014-2135
CRITICAL
Severity by source
AV:N/AC:M/Au:N/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:N/AC:M/Au:N/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603.
AnalysisAI
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603. Affected products include: Cisco Webex Advanced Recording Format Player, Cisco Webex Recording Format Player.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 befo
Buffer overflow in the Cisco WebEx Advanced Recording Format (ARF) player T27 L through SP11 EP26, T27 LB through SP21 E
Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and
Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORIO
Buffer overflow in Cisco WebEx Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORIO
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before
Same weakness CWE-119 – Buffer Overflow
View allSame technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today