漏洞标题
思科Webex网络录音播放器和思科Webex播放器远程代码执行漏洞
漏洞描述信息
Cisco Webex Network Recording Player for Microsoft Windows 和 Cisco Webex Player for Microsoft Windows 中存在一个漏洞,该漏洞可能允许攻击者在受影响的系统上执行任意代码。此漏洞的存在是因为受影响的软件未能正确验证高级录制格式(ARF)和Webex录制格式(WRF)文件。攻击者可能通过以下方式利用此漏洞:通过链接或电子邮件附件向用户发送恶意的 ARF 或 WRF 文件,然后诱使用户使用受影响的软件打开该文件。成功的利用可能允许攻击者在受影响的系统上执行任意代码。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities
漏洞描述信息
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.
CVSS信息
N/A
漏洞类别
输入验证不恰当
漏洞标题
Cisco Webex Network Recording Player和Webex Player 输入验证漏洞
漏洞描述信息
Cisco Webex Network Recording Player和Webex Player都是美国思科(Cisco)公司的用于播放视频会议记录的播放器。 基于Windows平台的Cisco Webex Network Recording Player和Webex Player中存在输入验证漏洞,该漏洞源于软件对Advanced Recording Format (ARF)和Webex Recording Format (WRF)文件验证不当。攻击者可通过发送恶意的ARF或WRF文件利用该漏洞在受影
CVSS信息
N/A
漏洞类别
输入验证错误