CVE-2012-3937

2012-10-2514:55:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-3937

buffer overflow

cisco webex

wrf

player

remote code execution

bug id csctz72967

security vulnerability

nvd

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.036 Low

EPSS

Percentile

91.6%

JSON

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.

Affected configurations

NVD

Node

ciscowebex_recording_format_playerMatch27.11.26

ciscowebex_recording_format_playerMatch27.21.10

ciscowebex_recording_format_playerMatch27.25.10

ciscowebex_recording_format_playerMatch27.32.1

ciscowebex_recording_format_playerMatch28.0.0

CPENameOperatorVersion
cisco:webex_recording_format_playercisco webex recording format playereq27.11.26
cisco:webex_recording_format_playercisco webex recording format playereq27.21.10
cisco:webex_recording_format_playercisco webex recording format playereq27.25.10
cisco:webex_recording_format_playercisco webex recording format playereq27.32.1
cisco:webex_recording_format_playercisco webex recording format playereq28.0.0

CPE	Name	Operator	Version
cisco:webex_recording_format_player	cisco webex recording format player	eq	27.11.26
cisco:webex_recording_format_player	cisco webex recording format player	eq	27.21.10
cisco:webex_recording_format_player	cisco webex recording format player	eq	27.25.10
cisco:webex_recording_format_player	cisco webex recording format player	eq	27.32.1
cisco:webex_recording_format_player	cisco webex recording format player	eq	28.0.0