Lucene search
HistoryDec 07, 2011 - 12:00 a.m.
Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability
EPSS
0.443
Percentile
97.4%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco WebEx Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within atdl2006.dll. The vulnerability is caused by lack of validation when parsing WRF files. A specially crafted WRF file will cause the application to incorrectly push a size value to a memcpy, allowing for corruption of heap memory. An attacker can leverage this vulnerability to execute arbitrary code on the target system under the context of the current user.
Related
securityvulns
securityvulns
ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability
2011-12-11 00:00:00
Cisco WebEx Player buffer overflow
2012-04-09 00:00:00
cvelist
cvelist
CVE-2011-3319
2011-10-27 21:00:00
checkpoint_advisories
checkpoint_advisories
Cisco WebEx Player ATDL2006.dll Heap Memory Corruption (CVE-2011-3319)
2012-05-14 00:00:00
cve
cve
CVE-2011-3319
2011-10-27 21:55:01
prion
prion
Buffer overflow
2011-10-27 21:55:00
nvd
nvd
CVE-2011-3319
2011-10-27 21:55:01
seebug
seebug
Cisco WebEx WRF/ATAS32文件格式远程缓冲区溢出漏洞
2011-10-27 00:00:00
cisco
cisco
Buffer Overflow Vulnerabilities in the Cisco WebEx Player
2011-10-26 16:00:00