HTTP: Cisco WebEx Recording Format Player atas32.dll 0xBB Subrecords Integer Overflow
This signature detects attempts to exploit a known vulnerability in Cisco WebEx Recording Format (WRF) Player. A successful attack can lead to a integer overflow and arbitrary remote code execution within the context of the target program.
Extended Description
Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
Cisco webex_(windows)
References
BugTraq: 52882
CVE: CVE-2012-1337
URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex
Short Name
HTTP:STC:DL:WEBEX-ATAS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
0xBB CVE-2012-1337 Cisco Format Integer Overflow Player Recording Subrecords WebEx atas32.dll bid:52882
Release Date
05/31/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3726
False Positive
Unknown
Vendors
Cisco
CVSS Score
9.3