// For flags

CVE-2010-3270

 

Severity Score

6.8
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed.

Desbordamiento de búfer basado en pila en Cisco WebEx Meeting Center T27LB anteriores a SP21 EP3 y T27LC anteriores a SP22, permite a usuarios remotos asistidos por usuarios a ejecutar código de su elección mediante un fichero .atp manipulado y desconectándolo de la conferencia. NOTA: Dado que es una cuestión exclusiva de las especificaciones del sitio sin efecto concreto para los usuarios, podría ser rechazada.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Authentication
Multiple
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2010-09-09 CVE Reserved
  • 2011-02-01 CVE Published
  • 2023-09-23 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Cisco
Search vendor "Cisco"
 Webex Meeting Center
Search vendor "Cisco" for product "Webex Meeting Center"
 27.0
Search vendor "Cisco" for product "Webex Meeting Center" and version "27.0"
-
Affected