CVE-2014-2134

2014-05-0810:55:03

CWE-119

cisco

web.nvd.nist.gov

cve-2014-2134

cisco

webex

buffer overflow

wrf

remote code execution

denial of service

memory corruption

application crash

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

High

EPSS

0.008

Percentile

81.7%

JSON

Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458.

Affected configurations

Nvd

Node

ciscowebex_advanced_recording_format_playerMatcht27ld

ciscowebex_advanced_recording_format_playerMatcht28

ciscowebex_advanced_recording_format_playerMatcht29

ciscowebex_recording_format_playerMatcht27ld

ciscowebex_recording_format_playerMatcht28

ciscowebex_recording_format_playerMatcht29

VendorProductVersionCPE
ciscowebex_advanced_recording_format_playert27ldcpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*
ciscowebex_advanced_recording_format_playert28cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*
ciscowebex_advanced_recording_format_playert29cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*
ciscowebex_recording_format_playert27ldcpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*
ciscowebex_recording_format_playert28cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*
ciscowebex_recording_format_playert29cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_advanced_recording_format_player	t27ld	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:::::::*
cisco	webex_advanced_recording_format_player	t28	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:::::::*
cisco	webex_advanced_recording_format_player	t29	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:::::::*
cisco	webex_recording_format_player	t27ld	cpe:2.3:a:cisco:webex_recording_format_player:t27ld:::::::*
cisco	webex_recording_format_player	t28	cpe:2.3:a:cisco:webex_recording_format_player:t28:::::::*
cisco	webex_recording_format_player	t29	cpe:2.3:a:cisco:webex_recording_format_player:t29:::::::*