Intrusion PreventionCisco.WebEx.Player.ataudio.Buffer.Overflow
Description
This indicates an attempt to exploit a stack-based buffer overflow vulnerability in Cisco WebEx WRF Player.
The vulnerability is caused by an error that occurs when the vulnerable software handles some user-supplied inputs, that could allow remote attackers to execute arbitrary code via opening a local/online malicious WRF file.
Affected Products
Cisco WebEx WRF Player 3.0 or earlier versions on Linux, Microsoft Windows and Mac OS X
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Use the solution provided by Cisco:
FG-VD-09-008: fixed in WebEx releases T26 and T27
FG-VD-09-010: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-012: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-013: fixed in WebEx releases T26SP49EP32 and T27SP10
FG-VD-09-014: fixed in WebEx releases T26LSp49EP32 and T27SP10
FG-VD-09-016: fixed in WebEx release T26SP49EP
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2021-01-11 | 16.995 |
| ID | 17755 |
| Created | Oct 06, 2009 |
| Updated | Jan 08, 2021 |
| Risk |
|
| CVE ID | CVE-2009-2877 |
| Exploit Prediction Score | 2.69% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, MacOS |
| Affected App | Cisco |