CVE-2012-3941

2012-10-2514:55:03

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.9

Confidence

High

EPSS

0.036

Percentile

91.7%

JSON

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.

Affected configurations

Nvd

Node

ciscowebex_recording_format_playerMatch27.11.26

ciscowebex_recording_format_playerMatch27.21.10

ciscowebex_recording_format_playerMatch27.25.10

ciscowebex_recording_format_playerMatch27.32.1

ciscowebex_recording_format_playerMatch28.0.0

VendorProductVersionCPE
ciscowebex_recording_format_player27.11.26cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*
ciscowebex_recording_format_player27.21.10cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*
ciscowebex_recording_format_player27.25.10cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*
ciscowebex_recording_format_player27.32.1cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*
ciscowebex_recording_format_player28.0.0cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_recording_format_player	27.11.26	cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:::::::*
cisco	webex_recording_format_player	27.21.10	cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:::::::*
cisco	webex_recording_format_player	27.25.10	cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:::::::*
cisco	webex_recording_format_player	27.32.1	cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:::::::*
cisco	webex_recording_format_player	28.0.0	cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:::::::*