17 matches found
CVE-2018-15436
The CVE-2018-15436 issue affects Cisco Webex Centers’ web-based management interfaces (Events Center, Meeting Center, Support Center, Training Center). A cross-site scripting (XSS) vulnerability arises from insufficient validation of user-supplied input, allowing an unauthenticated, remote attack...
CVE-2018-15410
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is faulty, allowing an attacker who persuades a user to open a malicious file to execute arbitrary code with the user’s privileges. Root cause cited across sources...
CVE-2018-15421
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2018-15421 due to improper validation of ARF/WRF files. An attacker can deliver a malicious ARF/WRF file via a link or email attachment and persuade a user to open it, potentially allowing arbitrary code e...
CVE-2018-15415
CVE-2018-15415 affects the Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The issue stems from improper validation in ARF/WRF file parsing, allowing an attacker to execute arbitrary code on a vulnerable system. ZDI describes a remote code execution via a crafted ARF file...
CVE-2018-15422
Cisco Webex Network Recording Player (Windows) and Cisco Webex Player for Windows are affected by ARF/WRF file validation flaws that allow remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of WebEx recording f...
CVE-2018-0422
Summary: CVE-2018-0422 affects Cisco Webex Meetings Client for Windows. The vulnerability stems from folder permissions that allow a user to read, write, and execute files in the Webex user directories, enabling an authenticated, local attacker to modify locally stored files and execute code with...
CVE-2018-15408
CVE-2018-15408 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling arbitrary code execution when a user opens a crafted file received via link or email attachment. ZDI details indicate remote code execution wi...
CVE-2018-15414
Cisco Webex Network Recording Player (Windows) and Cisco Webex Player are affected by ARF/WRF file validation flaws that can lead to remote code execution when a user opens a malicious ARF/WRF file sent via link or email attachment. The root cause is improper validation of ARF/WRF files. Impact: ...
CVE-2018-15411
The CVE-2018-15411 issue affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, allowing arbitrary code execution when a user opens a malicious ARF/WRF file (via link or email attachment). Exploitation r...
CVE-2018-15413
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are vulnerable to remote code execution due to improper validation of ARF/WRF files. An attacker can craft a malicious ARF/WRF file and entice a user to open it, potentially executing arbitrary code in the user’s process afte...
CVE-2018-15412
CVE-2018-15412 affects Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows. The issue arises from improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code by delivering a malicious ARF/WRF file via link or email and convincing a user to ...
CVE-2018-15416
CVE-2018-15416 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling a crafted file to trigger arbitrary code execution when a user opens it with the affected software. Attacks require user interaction (ph...
CVE-2018-15418
CVE-2018-15418 affects Cisco Webex Network Recording Player and Webex Player for Windows. The root cause is improper validation of ARF/WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via link or email attachment. Impact is arbitrary code execution wi...
CVE-2018-15417
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability where ARF/WRF file validation is improper, enabling arbitrary code execution when a user opens a malicious ARF/WRF file sent via link or attachment. The flaw allows remote code exec...
CVE-2018-15419
The CVE-2018-15419 issue affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The root cause is improper validation of ARF and WRF files, enabling remote code execution when a user opens a malicious ARF/WRF file delivered via a link or email attachment. Impact is arbit...
CVE-2018-15409
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by a vulnerability in ARF/WRF file processing that could allow remote code execution. The root cause is improper validation of ARF/WRF data, enabling an attacker to craft a malicious file or link sent...
CVE-2018-15420
Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows are affected by CVE-2018-15420. The root cause is improper validation of ARF/WRF files, enabling an attacker to execute arbitrary code when a user opens a malicious ARF/WRF file delivered via link or email attachm...