CVE-2010-3270 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Cisco Webex Meeting Center

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources

Severity

6.8MEDIUMNVD

EPSS

8.4%

top 7.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Webex Meeting Center

Timeline

PublishedFeb 2

Latest updateMay 14

Description

Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed.

CVSS vector

AV:N/AC:H/C:C/I:C/A:CExploitability: 3.2 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/webex_meeting_center27.0

🔴Vulnerability Details

GHSA

GHSA-gf3m-gprc-v999: Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users↗2022-05-14

▶

CVEList

CVE-2010-3270: Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users↗2011-02-02

▶