17 matches found
CVE-2019-1924
Cisco CVE-2019-1924 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue stems from improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. The exploit...
CVE-2019-15284
Consolidated details confirm CVE-2019-15284 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is insufficient validation of certain elements within ARF/WRF Webex recordings, enabling an attacker to execute arbitrary code on a targeted syst...
CVE-2019-1928
The CVE-2019-1928 entries describe multiple ARF/WRF parsing vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, which can be exploited by sending a malicious file via a link or email attach...
CVE-2019-1927
CVE-2019-1927 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a malicious ARF/WRF file received via link or email attachment. Impact: code runs with the user’s pr...
CVE-2019-1929
The CVE-2019-1929 family covers multiple vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code on the target system. Exploitation requires a user to open a ...
CVE-2019-15286
CVE-2019-15286 covers multiple arbitrary code execution vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows caused by insufficient validation of Webex ARF/WRF recordings. An attacker could craft a malicious ARF/WRF file and persuade a user to open it, execut...
CVE-2019-1926
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2019-1926 due to improper validation of ARF/WRF files, enabling arbitrary code execution. The exploit involves sending a malicious ARF/WRF file via a link or email attachment and convincing the user to ope...
CVE-2019-1925
Cisco Webex Network Recording Player and Webex Player for Windows are affected by multiple issues caused by improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted ARF/WRF file delivered via link or email attachment. The vulnerabilities stem from memory...
CVE-2019-1773
The CVE-2019-1773 issue affects the Cisco Webex Network Recording Player and the Cisco Webex Player for Windows. The vulnerability arises from improper validation of Advanced Recording Format (ARF) and Webex Recording Format (WRF) files, allowing an attacker to execute arbitrary code when a user ...
CVE-2018-0104
The CVE-2018-0104 issue concerns Cisco WebEx Network Recording Player for ARF files. A remote attacker can trigger arbitrary code execution by sending a user a link or email attachment containing a malicious ARF file and convincing them to open it. Affected products include Cisco WebEx Business S...
CVE-2018-0103
CVE-2018-0103 describes a buffer overflow in Cisco WebEx Network Recording Player when parsing ARF files, permitting arbitrary code execution with local access (per NVD) and potentially remote exploitation via crafted ARF content (per ZDI). Affected: Cisco WebEx Network Recording Player and relat...
CVE-2019-1771
CVE-2019-1771 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachment. ...
CVE-2018-0379
Cisco WebEx Network Recording Player/Recorder and WebEx Recording Format (WRF) parsing vulnerabilities exist in ARF/WRF handling. Multiple issues (e.g., ARF/WRF parsing) can cause heap-based or integer overflow, leading to remote code execution when a user opens a malicious ARF/WRF file or views ...
CVE-2019-1772
CVE-2019-1772 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. Root cause: improper validation of ARF/WRF files, enabling a crafted file to cause arbitrary code execution on the affected system when a user opens it. Exploit path: attacker emails or link...
CVE-2014-2199
CVE-2014-2199 affects Cisco WebEx components (Event Center, Meeting Center, Sales Center, Training Center, WebEx Meetings Server 1.5(.1.131) and earlier) and WebEx Business Suite; vulnerable are versions before 27.32.31.16 (27.x), before 28.12.13.18 (28.x), and before 29.5.1.12 (29.x). The vulner...
CVE-2018-15461
Cisco Webex Business Suite (MyWebex component) contains a cross-site scripting (XSS) vulnerability due to insufficient input validation. An unauthenticated, remote attacker can lure a user to click a crafted URL, enabling injection of arbitrary web script or HTML. Exploitation relies on social en...
CVE-2019-1680
The CVE-2019-1680 issue affects Cisco Webex Business Suite pre-3.0.9 where improper input validation allows an unauthenticated, remote attacker to inject arbitrary text into a user’s browser via a malicious URL, enabling content injection and potential spoofing. Connected sources corroborate the ...