CVE-2014-2135

2014-05-0810:55:00

CWE-119

[email protected]

web.nvd.nist.gov

cisco

arf player

buffer overflow

cve-2014-2135

remote code execution

dos

8.2 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.012 Low

EPSS

Percentile

85.4%

JSON

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603.

CPENameOperatorVersion
cisco:webex_recording_format_playercisco webex recording format playereqt27ld
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt28
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt29
cisco:webex_recording_format_playercisco webex recording format playereqt29
cisco:webex_advanced_recording_format_playercisco webex advanced recording format playereqt27ld
cisco:webex_recording_format_playercisco webex recording format playereqt28

CPE	Name	Operator	Version
cisco:webex_recording_format_player	cisco webex recording format player	eq	t27ld
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t28
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t29
cisco:webex_recording_format_player	cisco webex recording format player	eq	t29
cisco:webex_advanced_recording_format_player	cisco webex advanced recording format player	eq	t27ld
cisco:webex_recording_format_player	cisco webex recording format player	eq	t28