Intrusion PreventionCisco.Webex.CVE-2020-3319.Memory.Corruption
Description
This indicates an attack attempt against a Memory Corruption vulnerability in Cisco Webex Network Recording Player and Webex Player.
The vulnerability is caused by an error when the vulnerable software handles a crafted ARF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the user, via a crafted ARF file.
Affected Products
Cisco Webex Network Recording Player and Webex Player versions earlier than Release 3.0 MR3 Security Patch 2 and 4.0 MR3
Impact
Denial of Service: Remote attackers can crash vulnerable application.
Recommended Actions
Apply the latest update from the vendor.
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs98254
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Status | Detail |
|---|---|---|---|
| 2024-06-04 | 28.800 |
Modified
|
Name:Cisco. WebEx. CVE-2020-3319. Memory. Corruption:Cisco. Webex. CVE-2020-3319. Memory. Corruption |
| 2020-06-05 | 15.858 |
Modified
|
Name:FG-VD-20-036_Cisco. 0day:Cisco. WebEx. CVE-2020-3319. Memory. Corruption |
| 2020-06-05 | 15.858 |
Modified
|
Severity:high:medium |
| 2020-04-30 | 15.831 |
Modified
|
Default_action:pass:drop |
| 2020-04-20 | 15.824 |
New
|
| ID | 48930 |
| Created | Apr 20, 2020 |
| Updated | Jun 03, 2024 |
| CVE ID | |
| Risk |
|
| Exploit Prediction Score | 0.35% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, MacOS |
| Affected App | Cisco |
| Profile Type | Buffer Errors |