Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ciscoCiscoCISCO-SA-20181003-WEBEX-RCE
HistoryOct 03, 2018 - 4:00 p.m.

Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities

2018-10-0316:00:00
tools.cisco.com
553

EPSS

0.002

Percentile

62.2%

JSON

Multiple vulnerabilities in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system.

The vulnerabilities exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181003-webex-rce”]

Affected configurations

Vulners
Node
ciscowebex_wrf_player_t29Matchany
OR
ciscowebex_playerMatchanymacos
OR
ciscowebex_wrf_player_t29Matchany
OR
ciscowebex_playerMatchanymacos
VendorProductVersionCPE
ciscowebex_wrf_player_t29anycpe:2.3:a:cisco:webex_wrf_player_t29:any:*:*:*:*:*:*:*
ciscowebex_playeranycpe:2.3:a:cisco:webex_player:any:*:*:*:*:macos:*:*

Related

prion 13
cve 13
zdi 11
nvd 13
cvelist 13
openvas 3
nessus 3
prion
prion
Format string
2018-10-05 14:29:00
Format string
2018-10-05 14:29:00
Format string
2018-10-05 14:29:00
cve
cve
CVE-2018-15431
2018-10-05 14:29:11
CVE-2018-15409
2018-10-05 14:29:09
CVE-2018-15417
2018-10-05 14:29:10
zdi
zdi
Cisco WebEx Recorder and Player ATAS32 Out-Of-Bounds Read Remote Code Execution Vulnerability
2018-10-08 00:00:00
Cisco WebEx Network Recording Player ATPDMOD ARF File Heap-based Buffer Overflow Vulnerability
2018-10-08 00:00:00
Cisco Webex Recorder and Player ATAS32 Out-Of-Bounds Read Remote Code Execution Vulnerability
2018-10-08 00:00:00
nvd
nvd
CVE-2018-15431
2018-10-05 14:29:11
CVE-2018-15413
2018-10-05 14:29:09
CVE-2018-15417
2018-10-05 14:29:10
cvelist
cvelist
CVE-2018-15431 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities
2018-10-05 14:00:00
CVE-2018-15417 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities
2018-10-05 14:00:00
CVE-2018-15416 Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities
2018-10-05 14:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1007)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2018-1446)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1034)
2020-01-23 00:00:00
nessus
nessus
EulerOS 2.0 SP5 : libxml2 (EulerOS-SA-2019-1007)
2019-01-08 00:00:00
EulerOS 2.0 SP2 : libxml2 (EulerOS-SA-2018-1446)
2018-12-28 00:00:00
EulerOS 2.0 SP3 : libxml2 (EulerOS-SA-2019-1034)
2019-02-15 00:00:00

EPSS

0.002

Percentile

62.2%

JSON
Related for CISCO-SA-20181003-WEBEX-RCE
prion13cve13zdi11nvd13cvelist13openvas3nessus3