CVE-2012-1336

CWE-119 — Buffer Overflow4 documents4 sources

Severity

9.3CRITICAL

EPSS

7.8%

top 8.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Webex Recording Format Player

Timeline

PublishedApr 5

Latest updateMay 14

Description

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/webex_recording_format_player27.25.0 — 27.25.10+3

🔴Vulnerability Details

GHSA

GHSA-r3xh-mqq6-wv5f: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 L↗2022-05-14

▶

CVEList

CVE-2012-1336: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 L↗2012-04-04

▶

📋Vendor Advisories

Cisco

Buffer Overflow Vulnerabilities in the Cisco WebEx Player↗2012-04-04

▶