Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-2136

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2014-2136
Last Modified 08 May 2014 09:47:11
Published 08 May 2014 06:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-2136

Summary

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166.

Vulnerable Systems

Application

  • Cisco Webex Advanced Recording Format Player T27ld

  • Cisco Webex Advanced Recording Format Player T28

  • Cisco Webex Advanced Recording Format Player T29

  • Cisco Webex Recording Format Player T27ld

  • Cisco Webex Recording Format Player T28

  • Cisco Webex Recording Format Player T29


References

CISCO - 20140507 Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players


Last Updated: 27 May 2016 11:05:16