Vulnslist

find the latest Cisco vulnerabilities

Cisco WebEx Network Recording Player Buffer Overflow Vulnerability

cisco-sa-20171129-webex · Medium · Published · Updated

A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file. Exploitation of this vulnerability could cause a buffer overflow condition on the targeted system, causing the Network Recording Player to crash, resulting in a denial of service (DoS) condition. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex

Cisco advisory · CSAF JSON

Workarounds

There are no workarounds that address this vulnerability.

CVEsCVE-2017-12359
Cisco Bug IDsCSCve10729, CSCve10771, CSCve10779, CSCve11521, CSCve11543
CVSS ScoreBase 6.5
Base 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:X/RL:X/RC:X
Product Names From Source
Cisco WebEx Meeting Center, Cisco WebEx ARF Player, Cisco WebEx Meetings Server, Cisco Webex Meetings

Related Products

Product CVE Evidence
Cisco Webex Network Recording Player CVE-2017-12359 Cisco OpenVuln
Cisco Webex Meetings CVE-2017-12359 Cisco OpenVuln
Cisco WebEx Meetings Server CVE-2017-12359 Cisco OpenVuln
Cisco WebEx Meeting Center CVE-2017-12359 Cisco OpenVuln
Cisco WebEx ARF Player CVE-2017-12359 Cisco OpenVuln