A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file.
Exploitation of this vulnerability could cause a buffer overflow condition on the targeted system, causing the Network Recording Player to crash, resulting in a denial of service (DoS) condition.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex”]
Vendor | Product | Version | CPE |
---|---|---|---|
cisco | webex_meeting_center | any | cpe:2.3:a:cisco:webex_meeting_center:any:*:*:*:*:*:*:* |
cisco | webex_player | any | cpe:2.3:a:cisco:webex_player:any:*:*:*:*:macos:*:* |
cisco | webex_meetings_server | any | cpe:2.3:a:cisco:webex_meetings_server:any:*:*:*:*:*:*:* |
cisco | webex_meetings | any | cpe:2.3:a:cisco:webex_meetings:any:*:*:*:*:*:*:* |