Lucene search
CiscoCVE-2014-2132HistoryMay 08, 2014 - 10:55 a.m.
CVE-2014-2132
2014-05-0810:55:03
CWE-119
cisco
web.nvd.nist.gov
28
cve-2014-2132
cisco
webex
wrf
arf
player
buffer over-read
denial of service
application crash
nvd
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
54.1%
Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.
Affected configurations
Node
ciscowebex_advanced_recording_format_playerMatcht27ld
ORciscowebex_advanced_recording_format_playerMatcht28
ORciscowebex_advanced_recording_format_playerMatcht29
ORciscowebex_recording_format_playerMatcht27ld
ORciscowebex_recording_format_playerMatcht28
ORciscowebex_recording_format_playerMatcht29
| Vendor | Product | Version | CPE |
|---|---|---|---|
| cisco | webex_advanced_recording_format_player | t27ld | cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:* |
| cisco | webex_advanced_recording_format_player | t28 | cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:* |
| cisco | webex_advanced_recording_format_player | t29 | cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:* |
| cisco | webex_recording_format_player | t27ld | cpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:* |
| cisco | webex_recording_format_player | t28 | cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:* |
| cisco | webex_recording_format_player | t29 | cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2014-2132
2014-05-08 10:55:03
cvelist
cvelist
CVE-2014-2132
2014-05-08 10:00:00
prion
prion
Design/Logic Flaw
2014-05-08 10:55:00
openvas
openvas
securityvulns
securityvulns
Cisco WebEx multiple security vulnerabilities
2014-05-10 00:00:00
nessus
nessus
Cisco WebEx ARF Player Multiple Vulnerabilities (cisco-sa-20140507-webex)
2014-05-14 00:00:00
Cisco WebEx WRF Player Multiple Vulnerabilities (cisco-sa-20140507-webex)
2014-05-14 00:00:00
cisco
cisco
CVSS2
7.8
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
AI Score
6.8
Confidence
High
EPSS
0.002
Percentile
54.1%
Related for CVE-2014-2132