8.2 High
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.282 Low
EPSS
Percentile
96.9%
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism.
securitytracker.com/id?1025015
tools.cisco.com/security/center/viewAlert.x?alertId=22016
www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml
www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities
www.securityfocus.com/archive/1/516095/100/0/threaded
www.securityfocus.com/bid/46075
www.vupen.com/english/advisories/2011/0261
exchange.xforce.ibmcloud.com/vulnerabilities/65076