Lucene search

[email protected]NVD:CVE-2009-2877

HistoryDec 18, 2009 - 7:30 p.m.

CVE-2009-2877

2009-12-1819:30:00

CWE-119

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

JSON

Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted WebEx Recording Format (WRF) file.

Affected configurations

NVD

Node

ciscowebexMatch26.00linux

ciscowebexMatch26.00mac_os_x

ciscowebexMatch26.00windows

ciscowebexMatch27.00linux

ciscowebexMatch27.00mac_os_x

ciscowebexMatch27.00windows

References

secunia.com/advisories/37810

securitytracker.com/id?1023360

tools.cisco.com/security/center/viewAlert.x?alertId=19499

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456

www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.shtml

www.fortiguard.com/advisory/FGA-2009-48.html

www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.ataudio.buffer.overflow.html

www.osvdb.org/61127

www.securityfocus.com/bid/37352

www.vupen.com/english/advisories/2009/3574

exchange.xforce.ibmcloud.com/vulnerabilities/54841

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

High

0.03 Low

EPSS

Percentile

91.0%

JSON

Related for NVD:CVE-2009-2877

cve1 prion1 cvelist1 cisco1 seebug1 securityvulns2