Heap-based Buffer Overflow in Cisco WebEx Recording Format Player
CVE-2012-3941

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Recording Format Player
Vendor: CVE Published:; 25 October 2012

Summary

A heap-based buffer overflow vulnerability exists in Cisco's WebEx Recording Format (WRF) player in certain versions of T27 and T28. This flaw allows remote attackers to exploit crafted WRF files to execute arbitrary code on the target system. Attackers can use this vulnerability to compromise the integrity and confidentiality of systems using vulnerable WRF player versions, highlighting the importance of updating to secure versions.

References

http://osvdb.org/86140

vdb-entryx_refsource_OSVDB

http://www.securitytracker.com/id?1027639

vdb-entryx_refsource_SECTRACK

http://www.securityfocus.com/bid/55866

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Oct 25, 2012
Vulnerability Reserved
Jul 10, 2012