Signature Detail
Short Name |
HTTP:STC:DL:MAL-WEBEX-WRF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Cisco WebEx Player ATAS32.DLL Remote Code Execution |
Release Date |
2011/12/07 |
Update Number |
2043 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Cisco WebEx Player ATAS32.DLL Remote Code Execution
This signature detects attempt to exploit a known vulnerability in Cisco WebEx Player. The vulnerability exists in ATAS32.DLL and is due to insufficient validation of WebEx Recording Format (WRF) files. Successful exploitation would result in execution of arbitrary code on the target host in the context of the application.
Extended Description
Cisco WebEx is prone to multiple remote buffer-overflow vulnerabilities. An attacker can exploit these issues to execute arbitrary code with the privileges of the affected application. Failed exploit attempts may result in a denial-of-service condition.
Affected Products
- Cisco WebEx 27
- Cisco WebEx
- Cisco WebEx (Linux) 26.00
- Cisco WebEx (Linux) 26.49.35
- Cisco WebEx (Linux) 27.00
- Cisco WebEx (Linux) 27.11.8
- Cisco WebEx (Linux) 27LB SP21 EP3
- Cisco WebEx (Linux) 27LC SP22
- Cisco WebEx (Mac OS X) 26.00
- Cisco WebEx (Mac OS X) 26.49.35
- Cisco WebEx (Mac OS X) 27.00
- Cisco WebEx (Mac OS X) 27.11.8
- Cisco WebEx (Mac OS X) 27LB SP21 EP3
- Cisco WebEx (Mac OS X) 27LC SP22
- Cisco WebEx (Windows) 26.00
- Cisco WebEx (Windows) 26.49.32
- Cisco WebEx (Windows) 27.00
- Cisco WebEx (Windows) 27.10.0
- Cisco WebEx (Windows) 27LB SP21 EP3
- Cisco WebEx (Windows) 27LC SP22
References