Buffer Overflow Vulnerability in Cisco WebEx Network Recording Player
CVE-2017-12359

6.5MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Webex Network Recording Player
Vendor: CVE Published:; 30 November 2017

Summary

A buffer overflow vulnerability exists within Cisco WebEx Network Recording Player when processing Advanced Recording Format (.arf) files. This flaw potentially allows an attacker to execute arbitrary code on the affected system. By enticing a user to open a malicious .arf file, which could be delivered through email or a malicious link, an attacker may gain unauthorized access and control over the user's system. This vulnerability impacts several Cisco products, including Business Suite, Meetings sites, Meetings Server, and ARF players, posing a significant risk to users who rely on these platforms for recording and sharing meetings.

Affected Version(s)

Cisco WebEx Network Recording Player Cisco WebEx Network Recording Player

References

http://www.securityfocus.com/bid/102186

vdb-entryx_refsource_BID

https://tools.cisco.com/security/center/content/CiscoSecu...

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Nov 30, 2017
Vulnerability Reserved
Aug 3, 2017