PT-2018-8800 · Cisco · Cisco Webex Network Recording Player

Publicado

2018-07-18

Atualizado

2019-10-09

CVE-2018-0379

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Cisco Webex Network Recording Player (affected versions not specified)

Description The issue allows for arbitrary code execution on a targeted user's system. An attacker could exploit this by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2018-0379

ZDI-18-967

ZDI-18-968

ZDI-18-969

ZDI-18-970

ZDI-18-971

ZDI-18-972

ZDI-18-973

ZDI-18-974

ZDI-18-975

ZDI-18-976

ZDI-18-977

ZDI-18-978

Produtos afetados

Cisco Webex Network Recording Player

PT-2018-8800 · Cisco · Cisco Webex Network Recording Player

CVE-2018-0379

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 17