漏洞标题
N/A
漏洞描述信息
在Cisco WebEx Network Recording Player中,存在一个“Cisco WebEx网络录制播放器远程代码执行漏洞”。远程攻击者可以通过电子邮件或URL向用户提供恶意的ARF或WRF文件,并说服用户运行文件。利用此漏洞可能会导致受影响的播放器崩溃,在某些情况下,还可能导致目标用户的系统执行任意代码。Cisco漏洞 ID: CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084, CSCvg54850。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCvf38060, CSCvg54836, CSCvf38077, CSCvg54843, CSCvf38084, CSCvg54850.
CVSS信息
N/A
漏洞类别
内存缓冲区边界内操作的限制不恰当
漏洞标题
多款Cisco产品WebEx Recording Format Player和Advanced Recording Format Player 安全漏洞
漏洞描述信息
Cisco WebEx Business Suite(WBS30)client等都是美国思科(Cisco)公司的视频会议解决方案的客户端软件。WebEx Recording Format Player(WRF)和Advanced Recording Format Player(ARF)都是使用在其中的会议记录播放器。 多款Cisco产品中的WRF Player和ARF Player存在远程代码执行漏洞。远程攻击者可借助带有恶意ARF或WRF文件的邮件或URL,并诱使用户加载该文件利用该漏洞在目标用户系统上
CVSS信息
N/A
漏洞类别
缓冲区错误