Cisco Webex Player WRF Files Denial of Service Vulnerability
cisco-sa-20180905-webex-player-dos · Medium · Published · Updated
A vulnerability in the Cisco Webex Player for Webex Recording Format (WRF) files could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. An attacker could exploit this vulnerability by sending a user a link or email attachment with a malicious WRF file and persuading the user to open the file in the Cisco Webex Player. A successful exploit could cause the affected player to crash, resulting in a DoS condition. For more information about this vulnerability, see the Details section of this security advisory. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180905-webex-player-dos
There are no workarounds that address this vulnerability. However, it is possible to remove the affected Cisco Webex Player by following the software-removal procedure for the operating system. For example, in Windows, use Programs and Features to uninstall the affected players.
To remove Cisco Webex software from a system completely, use the Meeting Services Removal Tool (for Microsoft Windows users) or the Mac Webex Meeting Application Uninstaller (for Apple Mac OS X users), which are available for download from the Cisco Collaboration Help article Cisco WebEx and 3rd Party Support Utilities https://collaborationhelp.cisco.com/article/en-us/WBX000026396 .
To remove Cisco Webex software from a Linux or UNIX-based system, follow the steps in the Cisco Collaboration Help article How Do I Uninstall WebEx Software on a Linux or Unix Based System? https://collaborationhelp.cisco.com/article/en-us/WBX28548