|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-03-26 | |
| Rule Name: | Cisco WebEx Recording Format Player atdl2006.dll Integer Overflow Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | A code execution vulnerability exists in Cisco's WebEx Recording Format (WRF) Player. This vulnerability is due to an integer overflow leading to a buffer overflow when the WRF player handles WRF files. A remote unauthenticated attacker can leverage this vulnerability by crafting a WRF file and enticing the target users to view the malicious file. Successful exploitation would result in execution of arbitrary code on the target host in the context of the application. | |
| Impact: | An attacker can exploit the affected software with a integer overflow vulnerability. Successful exploit leads to execute arbitrary code, and failed exploit may disturb the software logic and cause denial of service. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product. |