Title

Multiple Vulnerabilities in Cisco WebEX (Cat II impact)

Discussion

Cisco has released a security advisory addressing multiple vulnerabilities in Cisco WebEx Recording Format (WRF) and Advanced Recording Format (ARF) Players. The Cisco WebEx WRF and ARF Player are application used to play back WebEx meeting recordings that have been recorded on a WebEx meeting site or on the computer of an online meeting attendee. To exploit these vulnerabilities, an attacker would craft malicious recording files and send them directly to users via email or by directing a user to a malicious web page. If successfully exploited, the attacker would cause the Cisco WebEx WRF or ARF Player application to crash and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the Cisco WebEx WRF Player application.

Check Content

Fix Text

Additional Identifiers

Rule ID:

Vulnerability ID: V-50441

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.