Cisco WebEx WRF文件格式多个远程缓冲区溢出漏洞
Cisco WebEx WRF文件格式多个远程缓冲区溢出漏洞
发布日期:2012-04-04
更新日期:2012-04-05
受影响系统:
Cisco WebEx (Mac OS X) T27 LD SP32
Cisco WebEx (Mac OS X) T27 LC SP25 EP9
Cisco WebEx (Mac OS X) T27 LB SP21 EP10
Cisco WebEx (Mac OS X) T27 L SP11 EP26
Cisco WebEx (Linux) T27 LD SP32
Cisco WebEx (Linux) T27 LC SP25 EP9
Cisco WebEx (Linux) T27 LB SP21 EP10
Cisco WebEx (Linux) T27 L SP11 EP26
不受影响系统:
Cisco WebEx (Mac OS X) T27 LD SP32 CP1
Cisco WebEx (Mac OS X) T27 LC SP25 EP10
Cisco WebEx (Linux) T27 LD SP32 CP1
Cisco WebEx (Linux) T27 LC SP25 EP10
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 52882
CVE ID: CVE-2012-1335,CVE-2012-1336,CVE-2012-1337
WebEx会议服务是Cisco WebEx管理和维护的托管多媒体会议解决方案。WRF文件格式用于存储WebEx会议记录。播放器是用于回放和编辑记录文件。Cisco WebEx Player是用于回放在WebEx会议站点上或在线会议参加者上记录的会议内容。当用户访问WebEx会议站点上的记录文件时,可自动安装播放器。也可下载后手动安装。
Cisco WebEx在实现上存在多个远程缓冲区溢出漏洞,攻击者可利用这些漏洞在运行受影响应用时执行任意代码。
<*来源:Secunia
链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20120404-webex)以及相应补丁:
cisco-sa-20120404-webex:Buffer Overflow Vulnerabilities in the Cisco WebEx Player
链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120404-webex
评论暂时关闭