|CVSS SCORE||5.1, (AV:N/AC:H/Au:N/C:P/I:P/A:P)|
The specific flaw exists within the PROVIDER.DLL module. Crafted data in an ARF file can trigger an integer underflow before a memory write operation. An attacker can leverage this vulnerability to execute code in the context of the current process.
Cisco has issued an update to correct this vulnerability. More details can be found at:
|CREDIT||Steven Seeley (mr_me) of Source Incite