mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
110 lines
3.5 KiB
JSON
110 lines
3.5 KiB
JSON
{
|
|
"id": "CVE-2011-3319",
|
|
"sourceIdentifier": "ykramarz@cisco.com",
|
|
"published": "2011-10-27T21:55:01.057",
|
|
"lastModified": "2024-11-21T01:30:15.253",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Buffer overflow in the WRF parsing functionality in the Cisco WebEx Recording Format (WRF) player T26 before SP49 EP40 and T27 before SP28 allows remote attackers to execute arbitrary code via a crafted WRF file."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de b\u00fafer en la funcionalidad de parseo WRF en Cisco WebEx Recording Format (WRF) player T26 anterior a SP49 EP40 y T27 anterior a SP28, permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante un fichero WRF manipulado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 9.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-119"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:26:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "89A7EC6D-EFF7-494D-BBF7-787464A2858B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8F949C6D-8074-444B-986E-63F06F9A05A7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1B242684-7692-4F50-8419-587F0DCBC376"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.12:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6D126564-E0D1-4E25-BD83-B10EF9AFBDA8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:webex_recording_format_player:27.13:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4D92FB5-277D-43B8-8200-43E1FE102BA3"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex",
|
|
"source": "ykramarz@cisco.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |