Gravité: : Critique
  Identifiant(s) CVE: : CVE-2011-3319
  Date du conseil: 21 juillet 2015

  Description

Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.

  Information Exposure Rating:

Apply associated Trend Micro DPI Rules.

  Solutions

  Trend Micro Deep Security DPI Rule Number: 1004891
  Trend Micro Deep Security DPI Rule Name: 1004891 - Cisco WebEx WRF And ATAS32 File Format Multiple Remote Buffer Overflow Vulnerabilities

  Affected software and version:

  • cisco webex_recording_format_player 26
  • cisco webex_recording_format_player 27
  • cisco webex_recording_format_player 27.10
  • cisco webex_recording_format_player 27.12
  • cisco webex_recording_format_player 27.13