Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Webex_meetings
(Cisco)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 57 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-01-04 | CVE-2018-0103 | A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to execute arbitrary code on the system of a user. The attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user to follow the link or launch the file. Successful exploitation could allow the attacker to execute arbitrary code on the user's system. This vulnerability... | Webex_business_suite, Webex_meetings, Webex_meetings_server, Webex_network_recording_player | 7.8 | ||
| 2017-07-25 | CVE-2017-6753 | A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due... | Webex_event_center, Webex_meeting_center, Webex_meetings, Webex_meetings_server, Webex_meetings_server_2\.0, Webex_meetings_server_2\.0_mr8_patch, Webex_meetings_server_2\.0_mr9_patch, Webex_meetings_server_2\.5, Webex_meetings_server_2\.5_mr2_patch, Webex_meetings_server_2\.5_mr5_patch, Webex_meetings_server_2\.5_mr6_patch, Webex_meetings_server_2\.6, Webex_meetings_server_2\.6_mr1_patch, Webex_meetings_server_2\.6_mr2_patch, Webex_meetings_server_2\.6_mr3_patch, Webex_meetings_server_2\.7, Webex_meetings_server_2\.7_mr1_patch, Webex_meetings_server_2\.7_mr2_patch, Webex_support_center, Webex_training_center | 8.8 | ||
| 2017-11-30 | CVE-2017-12372 | A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted... | Webex_meetings, Webex_meetings_server | 9.6 | ||
| 2017-11-30 | CVE-2017-12371 | A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted... | Webex_meetings | 9.6 | ||
| 2017-11-30 | CVE-2017-12370 | A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted... | Webex_meetings | 9.6 | ||
| 2017-11-30 | CVE-2017-12369 | A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user.... | Webex_meetings | 9.6 | ||
| 2017-11-30 | CVE-2017-12368 | A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted... | Webex_meetings, Webex_meetings_server | 9.6 | ||
| 2018-03-05 | CVE-2017-17428 | Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack. | Nitrox_ssl_sdk, Nitrox_v_ssl_sdk, Octeon_sdk, Octeon_ssl_sdk, Turbossl_sdk, Ace30_application_control_engine_module_firmware, Ace4710_application_control_engine_firmware, Adaptive_security_appliance_5505_firmware, Adaptive_security_appliance_5510_firmware, Adaptive_security_appliance_5520_firmware, Adaptive_security_appliance_5540_firmware, Adaptive_security_appliance_5550_firmware, Webex_conect_im, Webex_meetings | 5.9 | ||
| 2019-08-21 | CVE-2019-1948 | A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data by using an invalid Secure Sockets Layer (SSL) certificate. The vulnerability is due to insufficient SSL certificate validation by the affected software. An attacker could exploit this vulnerability by supplying a crafted SSL certificate to an affected device. A successful exploit could allow the attacker to conduct man-in-the-middle attacks... | Webex_meetings | 5.9 | ||
| 2015-12-05 | CVE-2015-6384 | The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442. | Webex_meetings | N/A |