Cisco Webex Meetings vulnerabilities

CVE-2018-0264 [CRITICAL] CWE-20 CVE-2018-0264: A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) file A vulnerability in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow an unauthenticated, remote attacker to execute arbitrary code on the system of a targeted user. An attacker could exploit this vulnerability by sending the user a link or email attachment with a malicious ARF file and persuading the user

CVE-2018-0112 [CRITICAL] CWE-20 CVE-2018-0112: A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meeting A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeti

CVE-2017-17428 [MEDIUM] CWE-327 CVE-2017-17428: Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attacker Cavium Nitrox SSL, Nitrox V SSL, and TurboSSL software development kits (SDKs) allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

CVE-2017-12368 [CRITICAL] CWE-119 CVE-2017-12368: A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx N A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file

CVE-2017-12372 [CRITICAL] CWE-119 CVE-2017-12372: A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx N A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file

CVE-2017-12370 [CRITICAL] CWE-119 CVE-2017-12370: A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx N A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file

CVE-2017-12371 [CRITICAL] CWE-119 CVE-2017-12371: A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx N A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file

CVE-2017-12369 [CRITICAL] CWE-119 CVE-2017-12369: A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network R A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploi

CVE-2017-6753 [HIGH] CWE-119 CVE-2017-6753: A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event C

CVE-2015-6384 [MEDIUM] CWE-264 CVE-2015-6384: The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom applicat The Cisco WebEx Meetings application before 8.5.1 for Android improperly initializes custom application permissions, which allows attackers to bypass intended access restrictions via a crafted application, aka Bug ID CSCuw86442.