3 matches found
CVE-2018-15442
CVE-2018-15442 concerns Cisco Webex Meetings Desktop App on Windows. The issue is a command-injection in the Update Service (WebExService) caused by insufficient validation of user-supplied parameters. An authenticated, local attacker could invoke the update command with a crafted argument and ex...
CVE-2019-1674
CVE-2019-1674 is a local OS command injection in Cisco Webex Updates: the update service accepts crafted parameters, allowing an attacker with local access to execute commands with SYSTEM privileges. Affected: Cisco Webex Meetings Desktop App for Windows and Cisco Webex Productivity Tools. Root c...
CVE-2016-4349
The CVE-2016-4349 entry describes an Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012. The issue allows local privilege escalation by placing one of several DLLs (cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, se...