Release date:
Updated on:
Affected Systems:
Cisco WebEx 28
Cisco WebEx 27
Cisco WebEx (Windows) T27 SP28
Cisco WebEx (Windows) T27 SP25 EP3
Cisco WebEx (Windows) T27 SP23
Cisco WebEx (Windows) T27 SP21 EP9
Cisco WebEx (Windows) T27 SP11 EP23
Cisco WebEx (Windows) T27 LD SP32 CP1
Cisco WebEx (Windows) T27 LD SP32
Cisco WebEx (Windows) T27 LC SP25 EP9
Cisco WebEx (Windows) T27 LC SP25 EP10
Cisco WebEx (Windows) T27 LB SP21 EP10
Cisco WebEx (Windows) T27 L SP11 EP26
Cisco WebEx (Windows) T27 FR20
Cisco WebEx (Windows) T26 SP49 EP40
Cisco WebEx (Windows) 27LC SP22
Cisco WebEx (Windows) 27LB SP21 EP3
Cisco WebEx (Windows) 27.10
Cisco WebEx (Windows) 27.00
Cisco WebEx (Windows) 26.49.32
Cisco WebEx (Windows) 26.00
Cisco WebEx (Mac OS X) T27 SP28
Cisco WebEx (Mac OS X) T27 SP25 EP3
Cisco WebEx (Mac OS X) T27 SP23
Cisco WebEx (Mac OS X) T27 SP21 EP9
Cisco WebEx (Mac OS X) T27 SP11 EP23
Cisco WebEx (Mac OS X) T27 LD SP32 CP1
Cisco WebEx (Mac OS X) T27 LD SP32
Cisco WebEx (Mac OS X) T27 LD SP32
Cisco WebEx (Mac OS X) T27 LC SP25 EP9
Cisco WebEx (Mac OS X) T27 LC SP25 EP10
Cisco WebEx (Mac OS X) T27 LB SP21 EP10
Cisco WebEx (Mac OS X) T27 L SP11 EP26
Cisco WebEx (Mac OS X) T27 FR20
Cisco WebEx (Mac OS X) T26 SP49 EP40
Cisco WebEx (Mac OS X) 27LC SP22
Cisco WebEx (Mac OS X) 27LB SP21 EP3
Cisco WebEx (Mac OS X) 27.11.8
Cisco WebEx (Mac OS X) 27.00
Cisco WebEx (Mac OS X) 26.49.35
Cisco WebEx (Mac OS X) 26.00
Cisco WebEx (Ma T27 LD SP32
Cisco WebEx (Linux) T27 SP28
Cisco WebEx (Linux) T27 SP25 EP3
Cisco WebEx (Linux) T27 SP23
Cisco WebEx (Linux) T27 SP21 EP9
Cisco WebEx (Linux) T27 SP11 EP23
Cisco WebEx (Linux) T27 LD SP32 CP1
Cisco WebEx (Linux) T27 LD SP32
Cisco WebEx (Linux) T27 LC SP25 EP9
Cisco WebEx (Linux) T27 LC SP25 EP10
Cisco WebEx (Linux) T27 LB SP21 EP10
Cisco WebEx (Linux) T27 L SP11 EP26
Cisco WebEx (Linux) T27 FR20
Cisco WebEx (Linux) T26 SP49 EP40
Cisco WebEx (Linux) 27LC SP22
Cisco WebEx (Linux) 27LB SP21 EP3
Cisco WebEx (Linux) 27.11.8
Cisco WebEx (Linux) 27.11.8
Cisco WebEx (Linux) 27.00
Cisco WebEx (Linux) 26.49.35
Cisco WebEx (Linux) 26.00
Description:
--------------------------------------------------------------------------------
Bugtraq id: 54213
CVE (CAN) ID: CVE-2012-3053, CVE-2012-3054, CVE-2012-3055, CVE-2012-3056, CVE-2012-3057
WebEx conferencing service is a managed multimedia conferencing solution managed and maintained by Cisco WebEx. The WRF file format is used to store WebEx meeting records. The player is used to play back and edit record files. Cisco WebEx Player is used to play back the content of a meeting recorded on the WebEx meeting site or online meeting participants. The player is automatically installed when you access the record files on the WebEx meeting site. You can also manually install it after downloading it.
Multiple Remote Buffer overflow vulnerabilities exist in the implementation of Cisco WebEx. Attackers can exploit these vulnerabilities to execute arbitrary code when running affected applications.
<* Source: iDEFENSE
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Cisco
-----
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://www.cisco.com/warp/public/707/advisory.html