CVE-2010-3270

Sažetak

Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP22 allows user-assisted remote authenticated users to execute arbitrary code by providing a crafted .atp file and then disconnecting from a meeting. NOTE: since this is a site-specific issue with no expected action for consumers, it might be REJECTed.

Reference

http://securitytracker.com/id?1025015
http://tools.cisco.com/security/center/viewAlert.x?alertId=22355
http://www.coresecurity.com/content/webex-atp-and-wrf-overflow-vulnerabilities
http://www.securityfocus.com/archive/1/516095/100/0/threaded
http://www.securityfocus.com/bid/46078
http://www.vupen.com/english/advisories/2011/0260

CVSS

Base:	6.8
Impact:	10.0
Exploitability:	3.2

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	MULTIPLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:H/Au:M/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-10-2018 - 20:01

Objavljeno

02-02-2011 - 23:00