CVE-2014-2136

2014-05-0810:55:04

CWE-119

cisco

web.nvd.nist.gov

cisco

arf player

buffer overflow

vulnerability

cve-2014-2136

nvd

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.2

Confidence

High

EPSS

0.012

Percentile

85.4%

JSON

Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166.

Affected configurations

Nvd

Node

ciscowebex_advanced_recording_format_playerMatcht27ld

ciscowebex_advanced_recording_format_playerMatcht28

ciscowebex_advanced_recording_format_playerMatcht29

ciscowebex_recording_format_playerMatcht27ld

ciscowebex_recording_format_playerMatcht28

ciscowebex_recording_format_playerMatcht29

VendorProductVersionCPE
ciscowebex_advanced_recording_format_playert27ldcpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:*:*:*:*:*:*:*
ciscowebex_advanced_recording_format_playert28cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:*:*:*:*:*:*:*
ciscowebex_advanced_recording_format_playert29cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:*:*:*:*:*:*:*
ciscowebex_recording_format_playert27ldcpe:2.3:a:cisco:webex_recording_format_player:t27ld:*:*:*:*:*:*:*
ciscowebex_recording_format_playert28cpe:2.3:a:cisco:webex_recording_format_player:t28:*:*:*:*:*:*:*
ciscowebex_recording_format_playert29cpe:2.3:a:cisco:webex_recording_format_player:t29:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
cisco	webex_advanced_recording_format_player	t27ld	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t27ld:::::::*
cisco	webex_advanced_recording_format_player	t28	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t28:::::::*
cisco	webex_advanced_recording_format_player	t29	cpe:2.3:a:cisco:webex_advanced_recording_format_player:t29:::::::*
cisco	webex_recording_format_player	t27ld	cpe:2.3:a:cisco:webex_recording_format_player:t27ld:::::::*
cisco	webex_recording_format_player	t28	cpe:2.3:a:cisco:webex_recording_format_player:t28:::::::*
cisco	webex_recording_format_player	t29	cpe:2.3:a:cisco:webex_recording_format_player:t29:::::::*