Threat Encyclopedia

Cisco.WebEx.Player.ataudio.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a stack-based buffer overflow vulnerability in Cisco WebEx WRF Player.
The vulnerability is caused by an error that occurs when the vulnerable software handles some user-supplied inputs, that could allow remote attackers to execute arbitrary code via opening a local/online malicious WRF file.

affected-products-logoAffected Products

Cisco WebEx WRF Player 3.0 or earlier versions on Linux, Microsoft Windows and Mac OS X

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Use the solution provided by Cisco:
FG-VD-09-008: fixed in WebEx releases T26 and T27
FG-VD-09-010: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-012: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-013: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-014: fixed in WebEx releases T26LSp49EP32 and T27SP10
FG-VD-09-016: fixed in WebEx release T26SP49EP

CVE References

CVE-2009-2877

Telemetry logoTelemetry