CVE-2017-12359

CWE-119Buffer Overflow4 documents4 sources
Severity
6.5MEDIUM
EPSS
1.0%
top 22.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Webex Meeting CenterCisco Webex Meetings Server
Timeline
PublishedNov 30
Latest updateMay 17

Description

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file. Exploitation of this vulnerability could allow arbitrary code execution on the system of the targeted user. This vulnerability affects Cisco WebEx Business Suite meeting

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages3 packages

NVDcisco/webex_meetings_server2.6.0, 2.7.0+1
CVEListV5cisco_webex_network_recording_playerCisco WebEx Network Recording Player
NVDcisco/webex_meeting_center4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-8gqr-jppf-2jgm: A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (2022-05-17
CVEList
CVE-2017-12359: A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (2017-11-30

📋Vendor Advisories

1
Cisco
Cisco WebEx Network Recording Player Buffer Overflow Vulnerability2017-11-29
CVE-2017-12359 (MEDIUM CVSS 6.5) | A Buffer Overflow vulnerability in | cvebase.io