Cisco WebEx WRF and ATAS32 File Format Multiple Remote Buffer Overflow Vulnerabilities
Severity: : Critical
CVE Kennungen: : CVE-2011-3319
Advisory Date: 21 de июля de 2015
DESCRIPTION
Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1004891
Trend Micro Deep Security DPI Rule Name: 1004891 - Cisco WebEx WRF And ATAS32 File Format Multiple Remote Buffer Overflow Vulnerabilities
AFFECTED SOFTWARE AND VERSION:
- cisco webex_recording_format_player 26
- cisco webex_recording_format_player 27
- cisco webex_recording_format_player 27.10
- cisco webex_recording_format_player 27.12
- cisco webex_recording_format_player 27.13