Short Name |
HTTP:STC:DL:MAL-WEBEX-WRF |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco WebEx Player ATAS32.DLL Remote Code Execution |
Release Date |
2011/12/07 |
Update Number |
2043 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempt to exploit a known vulnerability in Cisco WebEx Player. The vulnerability exists in ATAS32.DLL and is due to insufficient validation of WebEx Recording Format (WRF) files. Successful exploitation would result in execution of arbitrary code on the target host in the context of the application.
Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts may result in a denial-of-service condition.