Cisco.WebEx.CVE-2020-3322.Memory.Corruption

description-logoDescription

This indicates an attack attempt against a Memory Corruption vulnerability in Cisco Webex Network Recording Player and Webex Player.
The vulnerability is caused by an error when the vulnerable software handles a crafted ARF file. A remote attacker may be able to exploit this to execute arbitrary code within the context of the user, via a crafted ARF file.

affected-products-logoAffected Products

Cisco Webex Network Recording Player and Webex Player versions earlier than Release 3.0 MR3 Security Patch 2 and 4.0 MR3

Impact logoImpact

Denial of Service: Remote attackers can crash vulnerable application.

recomended-action-logoRecommended Actions

Apply the latest update from the vendor.
https://quickview.cloudapps.cisco.com/quickview/bug/CSCvs98269

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-06-05 15.858 Name:FG-VD-20-038_Cisco.
0day:Cisco.
WebEx.
CVE-2020-3322.
Memory.
Corruption
2020-06-05 15.858 Severity:high:medium
2020-04-30 15.831 Default_action:pass:drop
2020-04-20 15.824