CVE-2009-2880

Name of the Vulnerable Software and Affected Versions: Cisco WebEx WRF Player versions 26.x through 26.49.31 for Windows Cisco WebEx WRF Player versions 27.x through 27.9.x for Windows Cisco WebEx WRF Player versions 26.x through 26.49.34 for Mac OS X and Linux Cisco WebEx WRF Player versions 27.x through 27.11.7 for Mac OS X and Linux

Description: The issue is related to a buffer overflow in the atrpui.dll component. This can be triggered by remote attackers using a crafted WebEx Recording Format (WRF) file, potentially leading to a denial of service (application crash) or possibly the execution of arbitrary code.

Recommendations: For Cisco WebEx WRF Player versions 26.x through 26.49.31 for Windows, update to version 26.49.32 or later. For Cisco WebEx WRF Player versions 27.x through 27.9.x for Windows, update to version 27.10.x or later. For Cisco WebEx WRF Player versions 26.x through 26.49.34 for Mac OS X and Linux, update to version 26.49.35 or later. For Cisco WebEx WRF Player versions 27.x through 27.11.7 for Mac OS X and Linux, update to version 27.11.8 or later.