CVE-2012-3940
Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File
Title source: llmDescription
Buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72958.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/86139
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1027639
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/55866
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121010-webex
Scores
EPSS
0.0526
EPSS Percentile
91.6%
Details
CWE
CWE-119
Status
published
Products (5)
cisco/webex_recording_format_player
27.11.26
cisco/webex_recording_format_player
27.21.10
cisco/webex_recording_format_player
27.25.10
cisco/webex_recording_format_player
27.32.1
cisco/webex_recording_format_player
28.0.0
Published
Oct 25, 2012
Tracked Since
Feb 18, 2026