You are here
Home > Preporuke > Ranjivost u Cisco WebEx platformi

Ranjivost u Cisco WebEx platformi

  • Detalji os-a: WN7
  • Važnost: URG
  • Operativni sustavi: L
  • Kategorije: CIS

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: Cisco WebEx Clients Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20180418-wbs

Revision: 1.0

For Public Release: 2018 April 18 16:00 GMT

Last Updated: 2018 April 18 16:00 GMT

CVE ID(s): CVE-2018-0112

CVSS Score v(3): 9.0 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

+———————————————————————

Summary

=======

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.

The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client. Exploitation of this vulnerability could allow arbitrary code execution on the system of a targeted user.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wbs [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180418-wbs”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJa1274XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfcz35YP/iRm5g+2bcmdETlc15BQGSTuWVCI
x2MHrb9imVI59X5Kj20TdICCnWSDMy/sWgQ4YNgl1cQMMm7+qN2kP7EizCWUkvFF
cNep47p8zs5K6MWlraG3vxsoEs9D9VqBNce3Xq4dSynaSIY4KUzOxy4hmGhtUqg1
6Zk7eVyay/9AjbbflrfwZfFNdhauZUO2JFir3QDX5Uv3egi7pvojisyrSkDeSALL
WmN1cEE1sKUBntRi3xqL9p1CLaLPLmjlk1XBygvWncOPS/JMRUAaz54k/MG9XIx7
mmU9EnFWczCY9mQxQzk0zHycoe7hgnwcEtoc8GHxElIQoYtNW7d90dgTPSkw3wE8
wKZCusl1G6KIYFMxTq6kr45s+zgWKlwY+LX6R2xB64m1uvcvdpHcAjgyOZ23CR+s
JyT+YQfebR56t5nYMqfvM2pbHx+H5Dxnxl/sHUTNLc1bKq+SQcUovIpUnGr1cyPb
V+S+z2MJQRHhzTjr4n6xE7AGARmqukPFBoueP9xnQuN8zUInlV8M9TMjU6FKBstf
yMa193QimHrnRBX6xuznhlcd2UyPLIG+9spwel1tOh3jrZgxzVe5DOODlstD3yuT
+UemvYCe3tTn9S5Vhekp8TPgwh59CvnbVYRGHN3E1+QW23Ho2CBnW+xO8RxQknvC
oM2ODEeAwap+kBwR
=Pf07
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

AutorPetar Bertok
Cert idNCERT-REF-2018-04-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top