9.3
CVSSv2

CVE-2012-3938

Published: 25/10/2012 Updated: 04/05/2013
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote malicious users to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.

Affected Products

Vendor Product Versions
CiscoWebex Recording Format Player27.11.26, 27.21.10, 27.25.10, 27.32.1, 28.0.0

Vendor Advisories

The Cisco WebEx Recording Format (WRF) player contains six buffer overflow vulnerabilities In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user  The Cisco WebEx WRF Player is an application used to play back WRF WebEx meeting recordings th ...