Cisco.WebEx.CVE-2019-15286.Memory.Corruption

description-logoDescription

This indicates an attack attempt against a Memory Corruption vulnerability in Cisco Webex Network Recording Player and Webex Player.
The vulnerability is caused by an error when the vulnerable software handles a crafted ARF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the user, via a crafted ARF file.

affected-products-logoAffected Products

Cisco Webex Meetings sites - All Webex Network Recording Player and Webex Player releases earlier than Release WBS 39.5.12
Cisco Webex Meetings Online - All Webex Network Recording Player and Webex Player releases earlier than Release 1.3.44
Cisco Webex Meetings Server - All Webex Network Recording Player releases earlier than Release 4.0MR2

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-11-13 14.723 Name:FG-VD-19-106_Cisco.
0day:Cisco.
WebEx.
CVE-2019-15286.
Memory.
Corruption
2019-11-01 14.716 Default_action:pass:drop
2019-10-23 14.709