Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2014-2135 | First vendor Publication | 2014-05-08 |
Vendor | Cve | Last vendor Modification | 2014-05-08 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Buffer overflow in Cisco Advanced Recording Format (ARF) player T27 LD before SP32 EP16, T28 before T28.12, and T29 before T29.2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted .arf file, aka Bug IDs CSCul87216 and CSCuj07603. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2135 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 | |
Application | 3 |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2014-05-15 | IAVM : 2014-B-0055 - Multiple Vulnerabilities in Cisco WebEX Severity : Category II - VMSKEY : V0050441 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-06-07 | Cisco Webex ARF Player LZW decompress memory corruption denial of service att... RuleID : 30943 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco Webex ARF Player LZW decompress memory corruption denial of service att... RuleID : 30942 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco WebEx WRF heap corruption attempt RuleID : 30932 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco WebEx Player atas32.dll memory overread attempt RuleID : 30922 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco WebEx Player atas32.dll memory overread attempt RuleID : 30921 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco Webex WRF heap corruption attempt RuleID : 30913 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco Webex WRF heap corruption attempt RuleID : 30912 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco Webex WRF heap corruption attempt RuleID : 30903 - Revision : 4 - Type : FILE-OTHER |
2014-06-07 | Cisco Webex WRF heap corruption attempt RuleID : 30902 - Revision : 4 - Type : FILE-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2014-05-14 | Name : The video player installed on the remote Windows host has multiple vulnerabil... File : cisco-sa-20140507-webex_arf.nasl - Type : ACT_GATHER_INFO |
2014-05-14 | Name : The video player installed on the remote Windows host has multiple vulnerabil... File : cisco-sa-20140507-webex_wrf.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Source | Url |
---|---|
CISCO | http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa... |
Alert History
Date | Informations |
---|---|
2021-05-04 12:30:47 |
|
2021-04-22 01:37:21 |
|
2020-05-23 00:40:25 |
|
2014-11-16 21:24:56 |
|
2014-05-17 00:22:15 |
|
2014-05-15 13:24:11 |
|
2014-05-09 21:25:17 |
|
2014-05-08 17:23:14 |
|