CVE-2016-4349Cisco Webex Productivity Tools vulnerability

3 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.3%
top 46.92%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Webex Productivity Tools
Timeline
PublishedApr 28
Latest updateMay 17

Description

Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs.dll, or uxtheme.dll file in the current working directory, aka Bug ID CSCuy56140.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

NVDcisco/webex_productivity_tools2.40.5001.10012

🔴Vulnerability Details

2
GHSA
GHSA-547v-44qj-fv7w: Untrusted search path vulnerability in Cisco WebEx Productivity Tools 22022-05-17
CVEList
CVE-2016-4349: Untrusted search path vulnerability in Cisco WebEx Productivity Tools 22016-04-28
CVE-2016-4349 — Cisco vulnerability | cvebase