logo
DATABASE RESOURCES PRICING ABOUT US

Cisco Webex Network Recording Player and Cisco Webex Player Multiple Vulnerabilities (cisco-sa-20200304-webex-player

Description

The version of Cisco Webex Network Recording Player and Cisco Webex Player installed on the remote host is affected by multiple remote code execution vulnerabilities due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An unauthenticated remote attacker could exploit this, by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system to execute arbitrary code with the same privileges of the targeted user.


Related