Cisco.WebEx.Player.ataudio.Buffer.Overflow
Description
This indicates an attempt to exploit a stack-based buffer overflow vulnerability in Cisco WebEx WRF Player.
The vulnerability is caused by an error that occurs when the vulnerable software handles some user-supplied inputs, that could allow remote attackers to execute arbitrary code via opening a local/online malicious WRF file.
Affected Products
Cisco WebEx WRF Player 3.0 or earlier versions on Linux, Microsoft Windows and Mac OS X
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Use the solution provided by Cisco:
FG-VD-09-008: fixed in WebEx releases T26 and T27
FG-VD-09-010: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-012: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-013: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-014: fixed in WebEx releases T26LSp49EP32 and T27SP10
FG-VD-09-016: fixed in WebEx release T26SP49EP
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2021-01-11 | 16.995 |