CVE-2021-1502

CVE-2021-1502 affects Cisco Webex Network Recording Player and Webex Player for Windows and macOS. Root cause: memory corruption due to insufficient validation of ARF/WRF recording files. Attackers can deliver a crafted ARF/WRF via a link or email attachment and persuade a user to open it, enabli...

Cisco Webex Network Webex Player Buffer Overflow Vulnerability

Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco USA. A buffer overflow vulnerability exists in Cisco Webex Network Recording Player and Cisco Webex Player, which can be exploited by an attacker to execute arbitrary code on an affected system...

Cisco Webex Network Recording Player and Webex Player Memory Corruption (cisco-sa-webex-player-dOJ2jOJ)

The version of Cisco Webex Network Recording Player and Cisco Webex Player installed on the remote host is affected by a memory corruption vulnerability due to insufficient validation of Webex recording files formatted as either Advanced Recording Format ARF or Webex Recording Format WRF. allow a...

Vulnerabilities fixed in Cisco Webex Meetings and Webex Server

Cisco has fixed vulnerabilities in Webex Meetings, Webex Meetings Server, Webex Teams and Webex client software. The vulnerabilities allow a malicious person, possibly remotely, to able to launch attacks that result in the following categories of damage: Circumvention of security measure. Remote...

Vulnerabilities fixed in Cisco Webex Player and Webex Network Recording Player

Cisco has fixed vulnerabilities in Webex Player and Webex Network Recording Player. The vulnerabilities allow an unauthenticated remote malicious party potentially capable of perform attacks that result in the following categories of damage: Denial-of-Service DoS Remote code execution User Rights...

Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex recording files formatted ...

Cisco Webex Meetings and Webex Meetings Server File Redirect Vulnerability

A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to redirect users to a malicious file. This vulnerability is due to improper validation of URL paths in the application interface. An attacker could exploit this vulnerability b...

Cisco Webex Meetings, Webex Network Recording Player, and Webex Teams DLL Injection Vulnerability

A vulnerability in Cisco Webex Meetings Desktop App for Windows, Cisco Webex Meetings Server, Cisco Webex Network Recording Player for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this...

Cisco Webex Player Memory Corruption Vulnerability

A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to cause the affected software to terminate or to gain access to memory state information that is related to the vulnerable application. The vulnerability is due to insufficient validation of values in Webex...

Cisco Webex Meetings Client Software Logging Information Disclosure Vulnerability

A vulnerability in logging mechanisms of Cisco Webex Meetings client software could allow an authenticated, local attacker to gain access to sensitive information. This vulnerability is due to unsafe logging of application actions. An attacker could exploit this vulnerability by logging onto the...

Cisco Webex Meetings and Webex Meetings Server Multimedia Sharing Security Bypass Vulnerability

A vulnerability in the multimedia viewer feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to bypass security protections. This vulnerability is due to unsafe handling of shared content within the multimedia viewer feature. An attacker...

Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability

A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in...

Cisco Webex Player Memory Corruption Vulnerability

A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in Webex Recording Format WRF. An attacker could exploit this...

Cisco Webex Network Webex Player 缓冲区错误漏洞

Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco. A buffer error vulnerability exists in Cisco Webex Player, which can be exploited by an attacker to execute arbitrary code on an affected system...

Cisco Webex Teams代码问题漏洞

Cisco Webex Teams is a software for team collaboration from Cisco USA. The software provides online communication for teams with features such as shared files, digital whiteboards, and video conferencing. A code issue vulnerability exists in multiple Cisco products, which is caused by incorrect...

Cisco Webex Meetings 输入验证错误漏洞

Cisco Webex Meetings is a video conferencing and online meeting software from Cisco USA. It provides video and audio conferencing with sharing, chat, and other features. An input validation error vulnerability exists in Cisco Webex Meetings and Cisco Webex meeting Server, which allows an...

Cisco Webex Meeting Center安全漏洞

Cisco Webex Meeting Center is an online collaborative video conferencing solution from Cisco. A security vulnerability exists in multiple Cisco products that originates in the multimedia viewer feature of Cisco Webex meeting and Cisco Webex meeting Server, which can be exploited by an...

Cisco Webex Network Webex Player 缓冲区错误漏洞

Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco. A buffer error vulnerability exists in Cisco Webex Player that can be exploited by an attacker to cause the affected software to terminate or obtain memory state information related to the attacked...

Cisco Webex meeting客户端软件日志机制 信息泄露漏洞

Cisco Webex Meetings is a video conferencing solution from Cisco. An information disclosure vulnerability exists in the logging mechanism of the Cisco Webex meeting client software, which can be exploited by an authenticated, local attacker to gain access to sensitive information. The vulnerabili...

Cisco Webex Network Recording Player 缓冲区错误漏洞

Cisco Webex Network Recording Player is a player for playing video conference recordings from Cisco. Cisco WebEx Network Recording Player suffers from a buffer error vulnerability that originates from a boundary error when processing ARF and WRF files. A remote attacker could exploit this...