CVE-2012-1337

CWE-119 — Buffer Overflow5 documents5 sources

Severity

9.3CRITICAL

EPSS

24.1%

top 3.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Webex Recording Format Player

Timeline

PublishedApr 5

Latest updateMay 14

Description

Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDcisco/webex_recording_format_player27.25.0 — 27.25.10+3

🔴Vulnerability Details

GHSA

GHSA-j3c4-rrx3-p55q: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 L↗2022-05-14

▶

CVEList

CVE-2012-1337: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 L↗2012-04-04

▶

💥Exploits & PoCs

Exploit-DB

FreeBSD 9.0 - Intel SYSRET Kernel Privilege Escalation↗2013-10-04

▶

📋Vendor Advisories

Cisco

Buffer Overflow Vulnerabilities in the Cisco WebEx Player↗2012-04-04

▶