Lucene search

K
saintSAINT CorporationSAINT:CF34973EBC5CAD713983F24AEFE7503C
HistoryFeb 10, 2011 - 12:00 a.m.

WebEx WRF Player buffer overflow

2011-02-1000:00:00
SAINT Corporation
my.saintcorporation.com
36

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.9%

Added: 02/10/2011
CVE: CVE-2010-3269
BID: 46075

Background

The WebEx Recording Format (WRF) is used to save recordings of WebEx meetings to a file. The WebEx WRF Player allows users to play a WRF file.

Problem

A buffer overflow vulnerability in the WebEx WRF Player allows command execution when a user opens a specially crafted WRF file.

Resolution

Upgrade to the latest version of WebEx WRF Player.

References

<http://www.cisco.com/warp/public/707/cisco-sa-20110201-webex.shtml&gt;
<http://www.securityfocus.com/archive/1/516095&gt;

Limitations

Exploit works on WebEx Player 3.0 and requires a user to open the exploit file in WebEx Player.

Platforms

Windows

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.282 Low

EPSS

Percentile

96.9%

Related for SAINT:CF34973EBC5CAD713983F24AEFE7503C