Описание
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:cisco:webex_recording_format_player:27.11.26:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_recording_format_player:27.21.10:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_recording_format_player:27.25.10:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_recording_format_player:27.32.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:webex_recording_format_player:28.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.03713
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119
Связанные уязвимости
github
больше 3 лет назад
Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.
EPSS
Процентиль: 88%
0.03713
Низкий
9.3 Critical
CVSS2
Дефекты
CWE-119