Cisco WebEx WRF File Format Multiple Remote Buffer Overflow Vulnerabilities

Bugtraq ID:	52882
Class:	Boundary Condition Error
CVE:	CVE-2012-1335 CVE-2012-1336 CVE-2012-1337
Remote:	Yes
Local:	No
Published:	Apr 04 2012 12:00AM
Updated:	Apr 04 2012 12:00AM
Credit:	Secunia and iDefense
Vulnerable:	Cisco WebEx (Windows) T27 LD SP32 Cisco WebEx (Windows) T27 LC SP25 EP9 Cisco WebEx (Windows) T27 LB SP21 EP10 Cisco WebEx (Windows) T27 L SP11 EP26 Cisco WebEx (Mac OS X) T27 LD SP32 Cisco WebEx (Mac OS X) T27 LC SP25 EP9 Cisco WebEx (Mac OS X) T27 LB SP21 EP10 Cisco WebEx (Mac OS X) T27 L SP11 EP26 Cisco WebEx (Linux) T27 LD SP32 Cisco WebEx (Linux) T27 LC SP25 EP9 Cisco WebEx (Linux) T27 LB SP21 EP10 Cisco WebEx (Linux) T27 L SP11 EP26
Not Vulnerable:	Cisco WebEx (Windows) T27 LD SP32 CP1 Cisco WebEx (Windows) T27 LC SP25 EP10 Cisco WebEx (Mac OS X) T27 LD SP32 CP1 Cisco WebEx (Mac OS X) T27 LC SP25 EP10 Cisco WebEx (Linux) T27 LD SP32 CP1 Cisco WebEx (Linux) T27 LC SP25 EP10

Cisco WebEx WRF File Format Multiple Remote Buffer Overflow Vulnerabilities

Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities.

An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.

Cisco WebEx WRF File Format Multiple Remote Buffer Overflow Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco WebEx WRF File Format Multiple Remote Buffer Overflow Vulnerabilities

Solution:
Vendor updates are available. Please see the referenced vendor advisory for more information.

Cisco WebEx WRF File Format Multiple Remote Buffer Overflow Vulnerabilities

References:

• WebEx Homepage (Cisco)
  
• Buffer Overflow Vulnerabilities in the Cisco WebEx Player (Cisco)