CVE-2012-3941

Cisco WebEx Recording Format Player T27 < SP32 EP10 and T28 < T28.4 - Remote Code Execution via Crafted WRF File

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in the Cisco WebEx Recording Format (WRF) player T27 before LD SP32 EP10 and T28 before T28.4 allows remote attackers to execute arbitrary code via a crafted WRF file, aka Bug ID CSCtz72850.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/86140
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027639
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/55866

Scores

EPSS 0.0526
EPSS Percentile 91.6%

Details

CWE
CWE-119
Status published
Products (5)
cisco/webex_recording_format_player 27.11.26
cisco/webex_recording_format_player 27.21.10
cisco/webex_recording_format_player 27.25.10
cisco/webex_recording_format_player 27.32.1
cisco/webex_recording_format_player 28.0.0
Published Oct 25, 2012
Tracked Since Feb 18, 2026