Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:MAL-WEBEX-WRF |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco WebEx Player ATAS32.DLL Remote Code Execution |
Release Date |
2011/12/07 |
Update Number |
2043 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Cisco WebEx Player ATAS32.DLL Remote Code Execution
This signature detects attempt to exploit a known vulnerability in Cisco WebEx Player. The vulnerability exists in ATAS32.DLL and is due to insufficient validation of WebEx Recording Format (WRF) files. Successful exploitation would result in execution of arbitrary code on the target host in the context of the application.
Extended Description
Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Affected Products
- Cisco webex 27
- Cisco webex
- Cisco webex_(linux) 26.00
- Cisco webex_(linux) 26.49.35
- Cisco webex_(linux) 27.00
- Cisco webex_(linux) 27.11.8
- Cisco webex_(linux) 27LB SP21 EP3
- Cisco webex_(linux) 27LC SP22
- Cisco webex_(mac_os_x) 26.00
- Cisco webex_(mac_os_x) 26.49.35
- Cisco webex_(mac_os_x) 27.00
- Cisco webex_(mac_os_x) 27.11.8
- Cisco webex_(mac_os_x) 27LB SP21 EP3
- Cisco webex_(mac_os_x) 27LC SP22
- Cisco webex_(windows) 26.00
- Cisco webex_(windows) 26.49.32
- Cisco webex_(windows) 27.00
- Cisco webex_(windows) 27.10.0
- Cisco webex_(windows) 27LB SP21 EP3
- Cisco webex_(windows) 27LC SP22
References