CVE-2017-6669

Name of the Vulnerable Software and Affected Versions Cisco WebEx Network Recording Player versions prior to T29.13.130 Cisco WebEx Network Recording Player versions prior to T30.17 Cisco WebEx Network Recording Player versions prior to T31.10

Description Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch the file. Exploitation of these vulnerabilities could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. The Cisco WebEx Network Recording Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee.

Recommendations For versions prior to T29.13.130, update to T29.13.130 or later to resolve the issue. For versions prior to T30.17, update to T30.17 or later to resolve the issue. For versions prior to T31.10, update to T31.10 or later to resolve the issue. As a temporary workaround, consider avoiding the use of ARF files from untrusted sources until a patch is available.