Buffer Overflow in Cisco Advanced Recording Format Players
CVE-2014-2136

Currently unrated

Key Information:

Vendor: Cisco
Status: Webex Recording Format Player; Webex Advanced Recording Format Player
Vendor: CVE Published:; 8 May 2014

Summary

A buffer overflow vulnerability exists in Cisco's Advanced Recording Format (ARF) player across certain versions, specifically affecting T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2. This issue can be exploited by remote attackers through specially crafted .arf files, potentially allowing them to execute arbitrary code or cause a denial of service via memory corruption and application crashes. For more information, refer to Cisco's advisory.

References

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
May 8, 2014
Vulnerability Reserved
Feb 25, 2014