Vulnerability Description
Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to use of a function pointer in a callback mechanism.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Webex Recording Format Player | 26.49 |
| Cisco | Webex Advanced Recording Format Player | 26.49 |
Related Weaknesses (CWE)
References
- http://securitytracker.com/id?1025015
- http://tools.cisco.com/security/center/viewAlert.x?alertId=22016Patch
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.sPatchVendor Advisory
- http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilitiesPatch
- http://www.securityfocus.com/archive/1/516095/100/0/threaded
- http://www.securityfocus.com/bid/46075
- http://www.vupen.com/english/advisories/2011/0261Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65076
- http://securitytracker.com/id?1025015
- http://tools.cisco.com/security/center/viewAlert.x?alertId=22016Patch
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.sPatchVendor Advisory
- http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilitiesPatch
- http://www.securityfocus.com/archive/1/516095/100/0/threaded
- http://www.securityfocus.com/bid/46075
- http://www.vupen.com/english/advisories/2011/0261Vendor Advisory
FAQ
What is CVE-2010-3269?
CVE-2010-3269 is a vulnerability with a CVSS score of 9.3 (HIGH). Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to execut...
How severe is CVE-2010-3269?
CVE-2010-3269 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3269?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Webex Recording Format Player, Cisco Webex Advanced Recording Format Player.