Cisco Webex vulnerabilities

9 known vulnerabilities affecting cisco/webex.

Total CVEs
9
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL6HIGH1MEDIUM2

Vulnerabilities

Page 1 of 1
CVE-2017-3823HIGHCVSS 8.8PoC≤ 1.0.62017-02-01
CVE-2017-3823 [HIGH] CWE-119 CVE-2017-3823: An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in th
nvd
CVE-2013-3425MEDIUMCVSS 4.0v11.02013-07-31
CVE-2013-3425 [MEDIUM] CWE-264 CVE-2013-3425: The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-a The Meeting Center component in Cisco WebEx 11 generates different error messages for invalid file-access attempts depending on whether a file exists, which allows remote authenticated users to enumerate files via a series of SPI calls, aka Bug ID CSCuc35965.
nvd
CVE-2012-6399MEDIUMCVSS 5.8v4.12013-05-27
CVE-2012-6399 [MEDIUM] CWE-20 CVE-2012-6399: Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject Cisco WebEx 4.1 on iOS does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, aka Bug ID CSCud94176.
nvd
CVE-2009-2879CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2879 [CRITICAL] CVE-2009-2879: Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26 Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary cod
nvd
CVE-2009-2876CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2876 [CRITICAL] CWE-119 CVE-2009-2876: Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26 Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbit
nvd
CVE-2009-2878CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2878 [CRITICAL] CVE-2009-2878: Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26 Heap-based buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 (aka T26SP49EP32) for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary cod
nvd
CVE-2009-2880CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2880 [CRITICAL] CWE-119 CVE-2009-2880: Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x b Buffer overflow in atrpui.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Reco
nvd
CVE-2009-2875CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2875 [CRITICAL] CWE-119 CVE-2009-2875: Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x b Buffer overflow in atas32.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted WebEx Reco
nvd
CVE-2009-2877CRITICALCVSS 9.3v26.00v27.002009-12-18
CVE-2009-2877 [CRITICAL] CWE-119 CVE-2009-2877: Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Wi Stack-based buffer overflow in ataudio.dll in the Cisco WebEx WRF Player 26.x before 26.49.32 for Windows, 27.x before 27.10.x (aka T27SP10) for Windows, 26.x before 26.49.35 for Mac OS X and Linux, and 27.x before 27.11.8 for Mac OS X and Linux allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a
nvd