Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2017/07/19 12:0 a.m.44 views

Cisco WebEx Extension for Chrome < 1.0.12 'atgpcext' Library GPC Sanitization RCE (cisco-sa-20170717-webex)

The Cisco WebEx Extension for Chrome installed on the remote host is a version prior to 1.0.12. It is, therefore, affected by a remote code execution vulnerability in the 'atgpcext' library due to incomplete GPC sanitization. An unauthenticated, remote attacker can exploit this, by convincing a...

9.3CVSS8.6AI score0.05951EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/07/19 12:0 a.m.107 views

Cisco WebEx Extension for Firefox < 1.0.12 'atgpcext' Library GPC Sanitization RCE (cisco-sa-20170717-webex)

The Cisco WebEx Extension for Firefox installed on the remote host is a version prior to 1.0.12. It is, therefore, affected by a remote code execution vulnerability in the 'atgpcext' library due to incomplete GPC sanitization. An unauthenticated, remote attacker can exploit this, by convincing a...

9.3CVSS8.6AI score0.05951EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2017/02/01 12:0 a.m.120 views

Cisco WebEx Chrome Extension Remote Command Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule "Cisco WebEx Chrome Extension RCE CVE-2017-3823", 'Description' = %q This module exploits a vulnerability present in the Cisco...

0.7AI score0.27231EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2017/01/31 12:0 a.m.136 views

Cisco WebEx for Firefox RCE (cisco-sa-20170124-webex)

The Cisco WebEx Extension for Firefox installed on the remote host is affected by a remote code execution vulnerability due to a crafted pattern that permits any URL utilizing it to automatically use native messaging to access sensitive functionality provided by the extension. An unauthenticated,...

9.3CVSS8.8AI score0.27231EPSS
Exploits6References4
Metasploit
Metasploit
added 2017/01/27 10:59 p.m.68 views

Cisco WebEx Chrome Extension RCE (CVE-2017-3823)

This module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class...

8.8CVSS8.9AI score0.27231EPSS
Exploits6
Saint
Saint
added 2017/01/26 12:0 a.m.48 views

WebEx browser extension command execution

Added: 01/26/2017 CVE: CVE-2017-3823 BID: 95737 Background Cisco WebEx is an online meeting solution. Extensions are available for all major web browsers, which enable users to join meetings from their browser. Problem A vulnerability in the WebEx browser extensions allows command execution when ...

9.3CVSS8.8AI score0.27231EPSS
Exploits6
Filippo.io
Filippo.io
added 2017/01/23 10:56 p.m.15 views

How to protect yourself from the WebEx extension

On Monday, Tavis Ormandy of Project Zero revealed that the Cisco WebEx Chrome extension 20M users has a critical vulnerability. OMFG🔥 The WebEx Chrome extension has a trivial code execution vulnerability: any website could just install malware on your machine silently -- Filippo Valsorda...

7.8AI score
Exploits0
Rows per page
Query Builder