漏洞标题
Cisco Webex网络录音播放器远程代码执行漏洞
漏洞描述信息
Cisco Webex Network Recording Player for Microsoft Windows 和 Cisco Webex Player for Microsoft Windows 中存在一个漏洞,该漏洞可能允许攻击者在受影响的系统上执行任意代码。此漏洞的存在是因为受影响的软件未能正确验证高级录制格式(ARF)和Webex录制格式(WRF)文件。攻击者可能通过以下方式利用此漏洞:通过链接或电子邮件附件向用户发送恶意的 ARF 或 WRF 文件,然后诱使用户使用受影响的软件打开该文件。成功的利用可能允许攻击者在受影响的系统上执行任意代码。
CVSS信息
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities
漏洞描述信息
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.
CVSS信息
N/A
漏洞类别
输入验证不恰当
漏洞标题
Cisco Webex Network Recording Player 缓冲区错误漏洞
漏洞描述信息
Cisco Webex Meetings Suite等都是美国思科(Cisco)公司的多功能视频会议解决方案。Webex Network Recording Player是其中的一个用于播放会议记录的视频播放器。 Cisco Webex Network Recording Player(用于ARF格式)中存在安全漏洞。远程攻击者可通过向用户发送特制的链接或含有恶意文件的邮件附件并诱使用户在播放器中打开该文件利用该漏洞在受影响的系统上执行任意代码。以下产品和版本受到影响:Cisco Webex Meetin
CVSS信息
N/A
漏洞类别
缓冲区错误