Cisco Webex Recording Format Player vulnerabilities

28 known vulnerabilities affecting cisco/webex_recording_format_player.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL27HIGH1

Vulnerabilities

Page 1 of 2

CVE-2014-2135CRITICALCVSS 9.3vt27ldvt28+1 more2014-05-08

CVE-2014-2135 [CRITICAL] CWE-119 CVE-2014-2135: Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603.

nvd

CVE-2014-2133CRITICALCVSS 9.3vt27ldvt28+1 more2014-05-08

CVE-2014-2133 [CRITICAL] CWE-119 CVE-2014-2133: Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file that triggers improper LZW decompression, aka Bug ID CSCuj87565.

nvd

CVE-2014-2134CRITICALCVSS 9.3vt27ldvt28+1 more2014-05-08

CVE-2014-2134 [CRITICAL] CWE-119 CVE-2014-2134: Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 Heap-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted audio channel in a .wrf file, aka Bug ID CSCuc39458.

nvd

CVE-2014-2136CRITICALCVSS 9.3vt27ldvt28+1 more2014-05-08

CVE-2014-2136 [CRITICAL] CWE-119 CVE-2014-2136: Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCui72223, CSCul01163, and CSCul01166.

nvd

CVE-2014-2132HIGHCVSS 7.8vt27ldvt28+1 more2014-05-08

CVE-2014-2132 [HIGH] CWE-119 CVE-2014-2132: Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before S Cisco WebEx Recording Format (WRF) player and Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allow remote attackers to cause a denial of service (application crash) via a crafted (1) .wrf or (2) .arf file that triggers a buffer over-read, aka Bug ID CSCuh52768.

nvd

CVE-2013-1118CRITICALCVSS 9.3v27.11.26v27.21.10+5 more2013-09-06

CVE-2013-1118 [CRITICAL] CWE-119 CVE-2013-1118: Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T2 Stack-based buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCuc27645.

nvd

CVE-2013-1117CRITICALCVSS 9.3v27.11.26v27.21.10+5 more2013-09-06

CVE-2013-1117 [CRITICAL] CWE-119 CVE-2013-1117: Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before Buffer overflow in the exception handler in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCuc27639.

nvd

CVE-2013-1119CRITICALCVSS 9.3v27.11.26v27.21.10+5 more2013-09-06

CVE-2013-1119 [CRITICAL] CWE-119 CVE-2013-1119: Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N befor Buffer overflow in Cisco WebEx Recording Format (WRF) player T27 LD before SP32 EP16, T27 L10N before SP32_ORION111, and T28 before T28.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted DHT index value in JPEG data within a WRF file, aka Bug ID CSCuc24503.

nvd

CVE-2012-3939CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3939 [CRITICAL] CWE-119 CVE-2012-3939: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCua61331.

nvd

CVE-2012-3937CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3937 [CRITICAL] CWE-119 CVE-2012-3937: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72967.

nvd

CVE-2012-3941CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3941 [CRITICAL] CWE-119 CVE-2012-3941: Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.

nvd

CVE-2012-3936CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3936 [CRITICAL] CWE-119 CVE-2012-3936: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCua40962.

nvd

CVE-2012-3940CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3940 [CRITICAL] CWE-119 CVE-2012-3940: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.

nvd

CVE-2012-3938CRITICALCVSS 9.3v27.11.26v27.21.10+3 more2012-10-25

CVE-2012-3938 [CRITICAL] CWE-119 CVE-2012-3938: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 bef Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz73583.

nvd

CVE-2012-3057CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+3 more2012-06-29

CVE-2012-3057 [CRITICAL] CWE-119 CVE-2012-3057: Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted size field in audio data within a WRF file, aka Bug ID CSCtz00755.

nvd

CVE-2012-3056CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+3 more2012-06-29

CVE-2012-3056 [CRITICAL] CWE-119 CVE-2012-3056: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted WRF file, aka Bug ID CSCtz72946.

nvd

CVE-2012-3055CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+3 more2012-06-29

CVE-2012-3055 [CRITICAL] CWE-119 CVE-2012-3055: Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26 Stack-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted DHT chunk in a JPEG image within a WRF file, aka Bug ID CSCtz72953.

nvd

CVE-2012-3054CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+3 more2012-06-29

CVE-2012-3054 [CRITICAL] CWE-119 CVE-2012-3054: Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP11, T27 LD before SP32 CP2, and T28 L10N before SP1 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72977.

nvd

CVE-2012-1336CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+2 more2012-04-05

CVE-2012-1336 [CRITICAL] CVE-2012-1336: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1337.

nvd

CVE-2012-1337CRITICALCVSS 9.3≥ 27.11.0, ≤ 27.11.26≥ 27.21.0, ≤ 27.21.10+2 more2012-04-05

CVE-2012-1337 [CRITICAL] CVE-2012-1337: Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB thr Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 L through SP11 EP26, T27 LB through SP21 EP10, T27 LC before SP25 EP10, and T27 LD before SP32 CP1 allows remote attackers to execute arbitrary code via a crafted WRF file, a different vulnerability than CVE-2012-1335 and CVE-2012-1336.

nvd

1 / 2Next →