Buffer Over-Read Vulnerability in Cisco WebEx and Advanced Recording Format Players
CVE-2014-2132

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Recording Format Player; Webex Advanced Recording Format Player
Vendor: CVE Published:; 8 May 2014

Summary

Cisco's WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player have a vulnerability that allows remote attackers to exploit crafted .wrf or .arf files. This exploitation can result in a denial of service by triggering a buffer over-read, causing the application to crash. Users of the affected versions, T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2, are at risk and should consider upgrading to secure their systems.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 8, 2014
Vulnerability Reserved
Feb 25, 2014