10 matches found
CVE-2021-1536
CVE-2021-1536 affects Cisco Webex products on Windows (Webex Meetings Desktop App, Webex Meetings Server, Webex Network Recording Player, and Webex Teams). The issue is a directory-path handling flaw that lets an authenticated, local attacker place a configuration file to cause loading of a malic...
CVE-2020-3127
Cisco WebEx Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3127 and related CVEs due to improper validation in ARF/WRF file parsing. The root cause is an uninitialized pointer access during ARF/WRF processing, enabling remote code execution. An attacker can e...
CVE-2020-3128
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3128 due to insufficient validation of elements in ARF/WRF Webex recordings. An attacker could deliver a crafted ARF/WRF file via link or email and persuade a user to open it, risking arbitrary code e...
CVE-2021-1502
CVE-2021-1502 affects Cisco Webex Network Recording Player and Webex Player for Windows and macOS. Root cause: memory corruption due to insufficient validation of ARF/WRF recording files. Attackers can deliver a crafted ARF/WRF via a link or email attachment and persuade a user to open it, enabli...
CVE-2020-3194
The CVE-2020-3194 issue affects Cisco Webex Network Recording Player and Cisco Webex Player on Windows. It arises from insufficient validation of elements within a Webex recording stored as ARF/WRF, allowing an unauthenticated attacker to craft a malicious file and coerce a user to open it, there...
CVE-2018-0104
The CVE-2018-0104 issue concerns Cisco WebEx Network Recording Player for ARF files. A remote attacker can trigger arbitrary code execution by sending a user a link or email attachment containing a malicious ARF file and convincing them to open it. Affected products include Cisco WebEx Business S...
CVE-2018-0103
CVE-2018-0103 describes a buffer overflow in Cisco WebEx Network Recording Player when parsing ARF files, permitting arbitrary code execution with local access (per NVD) and potentially remote exploitation via crafted ARF content (per ZDI). Affected: Cisco WebEx Network Recording Player and relat...
CVE-2020-3319
CVE-2020-3319 affects Cisco Webex Network Recording Player and Cisco Webex Player for Windows. The issue is an input/element validation error in Webex ARF/WRF recordings, which can cause the Webex player to crash when viewing a malicious file, leading to a DoS. Affected releases are Webex Network...
CVE-2020-3322
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by an input-validation vulnerability in ARF/WRF recordings. The issue allows an attacker to cause the player to crash when opening a malicious ARF/WRF file, resulting in DoS on the affected system. The provided c...
CVE-2020-3321
Cisco Webex Network Recording Player and Cisco Webex Player for Windows are affected by CVE-2020-3321. The vulnerability stems from insufficient validation of elements inside Webex recordings stored in ARF or WRF formats, allowing a crafted file to crash the Webex player and cause a DoS on the ho...