10 matches found
CVE-2017-3823
The CVE-2017-3823 issue affects Cisco WebEx browser extensions: Chrome WebEx Extension prior to 1.0.7, Firefox’s ActiveTouch General Plugin Container prior to 106, Internet Explorer’s GpcContainer ActiveX control prior to 10031.6.2017.0126, and Internet Explorer’s Download Manager ActiveX control...
CVE-2026-20149
Cisco Webex contains an unauthenticated XSS vulnerability due to improper input filtering. An attacker could trick a user into clicking a malicious link, potentially executing scripts in the user’s context. Cisco has addressed the issue; no customer action is required. Affected product: Cisco Web...
CVE-2009-2879
CVE-2009-2879 describes a heap-based buffer overflow in atas32.dll used by the Cisco WebEx WRF Player. Affected versions include Windows 26.x before 26.49.32 (T26SP49EP32) and 27.x before 27.10.x (T27SP10); macOS/Linux 26.x before 26.49.35 and 27.x before 27.11.8. The vulnerability allows remote ...
CVE-2009-2876
CVE-2009-2876/2878/2879 describe a heap-based buffer overflow in atas32.dll used by Cisco WebEx WebEx Recording Format (WRF) Player. The vulnerabilities affect WebEx WRF Player 26.x (before 26.49.32; Windows), 27.x (before 27.10.x; Windows), 26.x (before 26.49.35; macOS/Linux), and 27.x (before 2...
CVE-2012-6399
Cisco WebEx 4.1 on iOS is affected by CVE-2012-6399: it does not validate that the server hostname matches the CN/subjectAltName in the X.509 certificate, enabling MITM with an arbitrary valid certificate. Root cause: hostname verification failure in SSL/TLS. Impact per sources: partial confident...
CVE-2009-2878
CVE-2009-2878 is a heap-based buffer overflow in atas32.dll used by the Cisco WebEx WRF Player. Affected include Windows: 26.x before 26.49.32 (T26SP49EP32) and 27.x before 27.10.x (T27SP10); Mac OS X/Linux: 26.x before 26.49.35 and 27.x before 27.11.8. An attacker can trigger a denial of service...
CVE-2009-2880
Cisco WebEx WRF Player contains a buffer overflow in atrpui.dll that can cause a crash or allow remote code execution when processing crafted WRF files. Affected platforms include Windows (WRF Player 26.x before 26.49.32; 27.x before 27.10.x) and Mac/Linux (26.x before 26.49.35 for macOS/Linux; 2...
CVE-2013-3425
Cisco WebEx Meeting Center 11 is affected by an information-disclosure flaw in the error handling when handling SPI file-view requests. The vulnerability allows a remote, authenticated attacker to enumerate file existence via crafted SPI calls, exposing information about files the user is not aut...
CVE-2009-2875
CVE-2009-2875 is a buffer-overflow vulnerability in Cisco WebEx WRF Player (atas32.dll) that can crash the application or allow remote code execution via a crafted WebEx Recording Format (WRF) file. Affected are Windows: WRF Player versions before 26.49.32 (26.x) and 27.x before 27.10.x; macOS/Li...
CVE-2009-2877
Cisco WebEx WRF Player suffers a stack-based buffer overflow in ataudio.dll that can crash the player or allow remote code execution via a crafted WRF file. Affected platforms include Windows, Mac OS X, and Linux; vulnerable versions are WebEx Player 26.x before 26.49.32 (Windows) and 26.x before...