CVE-2010-3041
Cisco Security Advisory 20110201-webex
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players T27LB before SP21 EP3 and T27LC before SP22 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted (1) .wrf or (2) .arf file, related to atas32.dll, a different vulnerability than CVE-2010-3042, CVE-2010-3043, and CVE-2010-3044.
Múltiples desbordamientos de búfer en los Reproductores WebEx Recording Format (WRF) y Advanced Recording Format (ARF) de Cisco Build T27LB anterior a SP21 EP3 y Build T27LC anterior a SP22, permite a los atacantes remotos causar una denegación de servicio (bloqueo de aplicación) o posiblemente ejecutar código arbitrario por medio de un archivo especialmente diseñado (1) .wrf o (2) .arf, relacionado con la biblioteca atas32.dll, una vulnerabilidad diferente de CVE-2010-3042, CVE-2010-3043 y CVE-2010-3044.
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user. The Cisco WebEx Players are applications that are used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The players can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The player can also be manually installed for offline playback after downloading the application from www.webex.com. If the WebEx recording player was automatically installed, it will be automatically upgraded to the latest, non-vulnerable version when users access a recording file that is hosted on a WebEx server. If the WebEx recording player was manually installed, users will need to manually install a new version of the player after downloading the latest version from www.webex.com. Cisco has released free software updates that address these vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-08-17 CVE Reserved
- 2011-02-02 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://securitytracker.com/id?1025016 | Vdb Entry | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=22016 | X_refsource_confirm |
|
| http://www.fortiguard.com/advisory/FGA-2011-03.html | X_refsource_misc | |
| http://www.securityfocus.com/bid/46075 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/65072 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6913f.shtml | 2017-08-17 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Cisco Search vendor "Cisco" | Webex Recording Format Player Search vendor "Cisco" for product "Webex Recording Format Player" | 26.49 Search vendor "Cisco" for product "Webex Recording Format Player" and version "26.49" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Recording Format Player Search vendor "Cisco" for product "Webex Recording Format Player" | 27.10 Search vendor "Cisco" for product "Webex Recording Format Player" and version "27.10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Recording Format Player Search vendor "Cisco" for product "Webex Recording Format Player" | 27.11.0.3328 Search vendor "Cisco" for product "Webex Recording Format Player" and version "27.11.0.3328" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Recording Format Player Search vendor "Cisco" for product "Webex Recording Format Player" | 27.12 Search vendor "Cisco" for product "Webex Recording Format Player" and version "27.12" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Recording Format Player Search vendor "Cisco" for product "Webex Recording Format Player" | 27.13 Search vendor "Cisco" for product "Webex Recording Format Player" and version "27.13" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Advanced Recording Format Player Search vendor "Cisco" for product "Webex Advanced Recording Format Player" | 26.49 Search vendor "Cisco" for product "Webex Advanced Recording Format Player" and version "26.49" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Advanced Recording Format Player Search vendor "Cisco" for product "Webex Advanced Recording Format Player" | 27.10 Search vendor "Cisco" for product "Webex Advanced Recording Format Player" and version "27.10" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Advanced Recording Format Player Search vendor "Cisco" for product "Webex Advanced Recording Format Player" | 27.11.0.3328 Search vendor "Cisco" for product "Webex Advanced Recording Format Player" and version "27.11.0.3328" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Advanced Recording Format Player Search vendor "Cisco" for product "Webex Advanced Recording Format Player" | 27.12 Search vendor "Cisco" for product "Webex Advanced Recording Format Player" and version "27.12" | - |
Affected
| ||||||
| Cisco Search vendor "Cisco" | Webex Advanced Recording Format Player Search vendor "Cisco" for product "Webex Advanced Recording Format Player" | 27.13 Search vendor "Cisco" for product "Webex Advanced Recording Format Player" and version "27.13" | - |
Affected
| ||||||