Cisco WebEx Player atas32.dll Content Decompression WRF File Handling Remote Overflow
Severity: : Critical
CVE Kennungen: : CVE-2012-1336
Advisory Date: 21 lipca 2015
DESCRIPTION
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1005031
Trend Micro Deep Security DPI Rule Name: 1005031 - Cisco WebEx Player atas32.dll Content Decompression WRF File Handling Remote Overflow
AFFECTED SOFTWARE AND VERSION:
- cisco webex_recording_format_player 27
- cisco webex_recording_format_player 27.10
- cisco webex_recording_format_player 27.11.0.3328
- cisco webex_recording_format_player 27.11.26
- cisco webex_recording_format_player 27.12
- cisco webex_recording_format_player 27.13
- cisco webex_recording_format_player 27.21.10
- cisco webex_recording_format_player 27.25.9
- cisco webex_recording_format_player 27.32.0