漏洞信息详情
Cisco WebEx WRF Player ‘atrpui.dll’缓冲区溢出漏洞
- CNNVD编号:CNNVD-200912-263
- 危害等级: 超危
- CVE编号: CVE-2009-2880
- 漏洞类型: 缓冲区溢出
- 发布时间: 2009-12-18
- 威胁类型: 远程
- 更新时间: 2009-12-21
- 厂 商: cisco
- 漏洞来源: Xiaopeng ZhangZhen...
漏洞简介
Cisco WebEx WRF Player用于播放与会者在电脑上所记录的WebEx会议记录。
Windows、Linux和Mac OS X下的Cisco WebEx WRF Player的atrpui.dll存在缓冲区溢出漏洞。远程攻击者通过特制的WRF文件造成拒绝服务攻击或可能执行任意代码。
漏洞公告
目前厂商还没有提供此漏洞的相关补丁或者升级程序,建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.cisco.com/en/US/hmpgs/index.HTML
参考网址
来源: VUPEN
名称: ADV-2009-3574
链接:http://www.vupen.com/english/advisories/2009/3574
来源: CISCO
名称: 20091216 Multiple Cisco WebEx WRF Player Vulnerabilities
链接:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b0a577.sHTML
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=23040&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22799&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22663&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22662&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22661&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewIpsSignature.x?signatureId=22660&signatureSubId=0&softwareVersion=6.0&releaseVersion=S456
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewAlert.x?alertId=19499
来源: XF
名称: cisco-webex-wrf-bo(54841)
链接:http://xforce.iss.net/xforce/xfdb/54841
来源: BID
名称: 37352
链接:http://www.securityfocus.com/bid/37352
来源: OSVDB
名称: 61130
链接:http://www.osvdb.org/61130
来源: MISC
链接:http://www.fortiguard.com/encyclopedia/vulnerability/cisco.webex.player.atrpui.dos.HTML
来源: MISC
链接:http://www.fortiguard.com/advisory/FGA-2009-48.HTML
来源: SECTRACK
名称: 1023360
链接:http://securitytracker.com/id?1023360
来源: SECUNIA
名称: 37810
链接:http://secunia.com/advisories/37810
受影响实体
- Cisco Webex:26.00:Windows
- Cisco Webex:27.00:Windows
- Cisco Webex:27.00:Linux
- Cisco Webex:26.00:Linux
- Cisco Webex:26.00:Mac_os_x
补丁
暂无
评论