CVSS: 6.8EPSS: 1%CPEs: 1EXPL: 0CVE-2010-3270
https://notcve.org/view.php?id=CVE-2010-3270
Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed. Desbordamiento de búfer basado en pila en Cisco WebEx Meeting Center T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a usuarios remotos asistidos por usuarios a ejecutar código de su elección mediante un fichero .atp manipulado y desconectándolo de la conferencia. NOTA: Dado que es una cuestión exclusiva de las especificaciones del sitio sin efecto concreto para los usuarios, podría ser rechazada. • http://securitytracker.com/id?1025015 http://tools.cisco.com/security/center/viewAlert.x?alertId=22355 http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities http://www.securityfocus.com/archive/1/516095/100/0/threaded http://www.securityfocus.com/bid/46078 http://www.vupen.com/english/advisories/2011/0260 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 93%CPEs: 1EXPL: 2CVE-2008-3558 – Cisco WebEx Meeting Manager UCF - 'atucfobj.dll' ActiveX Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-3558
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. Un desbordamiento de búfer en la región stack de la memoria en el control ActiveX de WebexUCFObject en la biblioteca atucfobj.dll en Cisco WebEx Meeting Managern anterior a versión 20.2008.2606.4919, permite a los atacantes remotos ejecutar código arbitrario por medio de un argumento largo en el método NewObject. • https://www.exploit-db.com/exploits/6220 https://www.exploit-db.com/exploits/16604 http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/063692.html http://secunia.com/advisories/31397 http://www.cisco.com/en/US/products/products_security_advisory09186a00809e2006.shtml http://www.kb.cert.org/vuls/id/661827 http://www.securityfocus.com/bid/30578 http://www.securitytracker.com/id?1020641 http://www.vupen.com/english/advisories/2008/2319 https://exchange.xforce.ibmcloud. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •