CVE-2013-1119

Name of the Vulnerable Software and Affected Versions Cisco WebEx Recording Format (WRF) player versions prior to T27 SP32 EP16 Cisco WebEx Recording Format (WRF) player T27 L10N versions prior to SP32 ORION111 Cisco WebEx Recording Format (WRF) player versions prior to T28.8

Description The issue is related to a buffer overflow in the Cisco WebEx Recording Format (WRF) player, which can be exploited by remote attackers to execute arbitrary code or cause a denial of service due to memory corruption. This can be achieved via a crafted DHT index value in JPEG data within a WRF file.

Recommendations For Cisco WebEx Recording Format (WRF) player versions prior to T27 SP32 EP16, update to SP32 EP16 or later. For Cisco WebEx Recording Format (WRF) player T27 L10N versions prior to SP32 ORION111, update to SP32 ORION111 or later. For Cisco WebEx Recording Format (WRF) player versions prior to T28.8, update to T28.8 or later.