CVE-2013-3399

{"id": "CVE-2013-3399", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:S/C:C/I:C/A:C", "authentication": "SINGLE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 2.7, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-07-02T03:43:34.663", "references": [{"url": "http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-3399", "source": "ykramarz@cisco.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-119"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in an unspecified Android API on the Cisco Desktop Collaboration Experience DX650 allows attackers to execute arbitrary code via vectors that leverage incorrect memory allocation, aka Bug IDs CSCuf93957, CSCug22352, and CSCug22462."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en una API Android no especificada en el Cisco Desktop Collaboration Experience DX650, permite a atacantes la ejecuci\u00f3n arbitraria de c\u00f3digo a trav\u00e9s de vectores que aprovechan una asignaci\u00f3n incorrecta de memoria. Aka Bug IDs CSCuf93957, CSCug22352, y CSCug22462."}], "lastModified": "2013-07-23T09:55:50.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:desktop_collaboration_experience:dx650:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BD3ED6BE-72D3-4C09-9244-4AF32F8DE1A8"}], "operator": "OR"}]}], "sourceIdentifier": "ykramarz@cisco.com"}