CVE-2012-3057
Published Jun 29, 2012
Last updated 6 years ago
Overview
- Description
- Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755.
- Source
- ykramarz@cisco.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 9.3
- Impact score
- 10
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CDF6A8A-B1B3-48F4-8433-94B3E55C9D27", "versionEndIncluding": "27.11.26", "versionStartIncluding": "27.11.0" }, { "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7E558A7-8CAC-456B-B885-2CF8B48FAF65", "versionEndIncluding": "27.21.10", "versionStartIncluding": "27.21.0" }, { "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23CF539D-4FF5-4536-9AE0-0522DA72A6BB", "versionEndExcluding": "27.25.11", "versionStartIncluding": "27.25.0" }, { "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC2CE94F-7C92-4B1B-A6E4-4B81A5DDF6CC", "versionEndExcluding": "27.32.2", "versionStartIncluding": "27.32.0" }, { "criteria": "cpe:2.3:a:cisco:webex_recording_format_player:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CE36A104-4083-4973-8F89-B92B8D85688C", "versionEndExcluding": "28.0.1", "versionStartIncluding": "28.0.0" } ], "operator": "OR" } ] } ]