CVE-2014-2134

2014-05-0810:55:03

CWE-119

[email protected]

web.nvd.nist.gov

cve-2014-2134

cisco

webex

buffer overflow

wrf

remote code execution

denial of service

memory corruption

application crash

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.3 High

AI Score

Confidence

High

0.008 Low

EPSS

Percentile

81.7%

JSON

Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458.

Affected configurations

NVD

Node

ciscowebex_advanced_recording_format_playerMatcht27ld

ciscowebex_advanced_recording_format_playerMatcht28

ciscowebex_advanced_recording_format_playerMatcht29

ciscowebex_recording_format_playerMatcht27ld

ciscowebex_recording_format_playerMatcht28

ciscowebex_recording_format_playerMatcht29

CPENameOperatorVersion
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt27ld
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt28
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt29
cisco:webex_recording_format_playercisco webex recording format playereqt27ld
cisco:webex_recording_format_playercisco webex recording format playereqt28
cisco:webex_recording_format_playercisco webex recording format playereqt29

CPE	Name	Operator	Version
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t27ld
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t28
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t29
cisco:webex_recording_format_player	cisco webex recording format player	eq	t27ld
cisco:webex_recording_format_player	cisco webex recording format player	eq	t28
cisco:webex_recording_format_player	cisco webex recording format player	eq	t29