19 matches found
CVE-2018-0264
Summary: CVE-2018-0264 affects Cisco WebEx ARF playback components across WebEx Business Suite, Meetings sites, Meetings Server, and ARF Player. An unauthenticated, remote attacker can trigger arbitrary code execution by sending a user a link or email attachment containing a malicious ARF file an...
CVE-2018-0112
CVE-2018-0112 affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. The root cause is insufficient input validation by the WebEx clients, enabling an authenticated remote attacker to execute arbitrary code on a targeted system by delivering a malicious...
CVE-2018-15436
The CVE-2018-15436 issue affects Cisco Webex Centers’ web-based management interfaces (Events Center, Meeting Center, Support Center, Training Center). A cross-site scripting (XSS) vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attack...
CVE-2018-15410
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is faulty, allowing an attacker who persuades a user to open a malicious file to execute arbitrary code with the user’s privileges. Root cause cited across sources...
CVE-2018-15421
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2018-15421 due to improper validation of ARF/WRF files. An attacker can deliver a malicious ARF/WRF file via a link or email attachment and persuade a user to open it, potentially allowing arbitrary code e...
CVE-2018-15431
Cisco Webex Network Recording Player and Webex Player for Windows are affected by CVE-2018-15431. The vulnerability arises from improper validation of ARF/WRF files, allowing an attacker to execute arbitrary code on an affected system when a user opens a malicious ARF/WRF file delivered via a lin...
CVE-2018-15415
CVE-2018-15415 affects the Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The issue stems from improper validation in ARF/WRF file parsing, allowing an attacker to execute arbitrary code on a vulnerable system. ZDI describes a remote code execution via a crafted ARF file...
CVE-2018-15422
Cisco Webex Network Recording Player (Windows) and Cisco Webex Player for Windows are affected by ARF/WRF file validation flaws that allow remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of WebEx recording f...
CVE-2018-0422
Summary: CVE-2018-0422 affects Cisco Webex Meetings Client for Windows. The vulnerability stems from folder permissions that allow a user to read, write, and execute files in the Webex user directories, enabling an authenticated, local attacker to modify locally stored files and execute code with...
CVE-2018-15408
CVE-2018-15408 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted file received via link or email attachment. ZDI details indicate remote code execution wi...
CVE-2018-15414
Cisco Webex Network Recording Player (Windows) and Cisco Webex Player are affected by ARF/WRF file validation flaws that can lead to remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of ARF/WRF files. Impact: ...
CVE-2018-15411
The CVE-2018-15411 issue affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, allowing arbitrary code execution when a user opens a malicious ARF/WRF file (via link or email attachment). Exploitation r...
CVE-2018-15413
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are vulnerable to remote code execution due to improper validation of ARF/WRF files. An attacker can craft a malicious ARF/WRF file and entice a user to open it, potentially executing arbitrary code in the user’s process afte...
CVE-2018-15412
CVE-2018-15412 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code by delivering a malicious ARF/WRF file via link or email and convincing a user to ...
CVE-2018-15416
CVE-2018-15416 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling a crafted file to trigger arbitrary code execution when a user opens it with the affected software. Attacks require user interaction (ph...
CVE-2018-15418
CVE-2018-15418 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. Impact is arbitrary code execution wi...
CVE-2018-15417
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is improper, enabling arbitrary code execution when a user opens a malicious ARF/WRF file sent via link or attachment. The flaw allows remote code exec...
CVE-2018-15419
The CVE-2018-15419 issue affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF and WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via a link or email attachment. Impact is arbit...
CVE-2018-15420
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by CVE-2018-15420. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachm...