Lucene search

K
saintSAINT CorporationSAINT:CF34973EBC5CAD713983F24AEFE7503C
HistoryFeb 10, 2011 - 12:00 a.m.

WebEx WRF Player buffer overflow

2011-02-1000:00:00
SAINT Corporation
my.saintcorporation.com
36

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.9%

Added: 02/10/2011
CVE: CVE-2010-3269
BID: 46075

Background

The WebEx Recording Format (WRF) is used to save recordings of WebEx meetings to a file. The WebEx WRF Player allows users to play a WRF file.

Problem

A buffer overflow vulnerability in the WebEx WRF Player allows command execution when a user opens a specially crafted WRF file.

Resolution

Upgrade to the latest version of WebEx WRF Player.

References

<http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml&gt;
<http://www.securityfocus.com/archive/1/516095&gt;

Limitations

Exploit works on WebEx Player 3.0 and requires a user to open the exploit file in WebEx Player.

Platforms

Windows

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.9%

Related for SAINT:CF34973EBC5CAD713983F24AEFE7503C