The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory:
- Buffer Overflow Vulnerabilities in the Cisco WebEx Player
Buffer Overflow Vulnerabilities in the Cisco WebEx Player
The Cisco WebEx Recording Format (WRF) player contains three buffer overflow vulnerabilities. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system with the privileges of a targeted user.
The vulnerabilities disclosed in this advisory affect the Cisco WebEx Recording Format (WRF) player. The following client builds of Cisco WebEx Business Suite (WBS 27) are affected by at least one of the vulnerabilities that are described in this advisory:
- Client builds 27.32.0 (T27 LD SP32) and prior
- Client builds 27.25.9 (T27 LC SP25 EP9) and prior
- Client builds 27.21.10 (T27 LB SP21 EP10) and prior
- Client builds 27.11.26 (T27 L SP11 EP26) and prior
To determine the WebEx client build, users can log in to their Cisco WebEx meeting site and navigate to the Support > Downloads section. The version of the WebEx client build will be displayed on the right side of the page. Cisco WebEx software updates are cumulative in client builds.
The following Common Vulnerabilities and Exposures (CVE) identifiers have been assigned for the buffer overflows in this advisory:
Exploitation of the vulnerabilities may cause the player application to crash or, in some cases, result in remote code execution. To exploit one of these vulnerabilities, the player application must open a malicious WRF file. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users (for example, by using e-mail) or by directing a user to a malicious web page. The vulnerabilities cannot be triggered by users who are attending a WebEx meeting.
Successful exploitation of the vulnerabilities described in this document could cause the Cisco WRF player application to crash and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the WRF player application.