CVE-2016-1464

Опубликовано: 03 сент. 2016

Источник: nvd

CVSS3: 7.8

CVSS2: 9.3

EPSS Низкий

Описание

Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375.

Ссылки

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player
Vendor Advisory
http://www.securityfocus.com/bid/92708
http://www.securitytracker.com/id/1036712
https://www.exploit-db.com/exploits/40508/
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player
Vendor Advisory
http://www.securityfocus.com/bid/92708
http://www.securitytracker.com/id/1036712
https://www.exploit-db.com/exploits/40508/

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:cisco:webex_wrf_player_t29:sp10_base:*:*:*:*:*:*:*

EPSS

Процентиль: 89%

0.04485

Низкий

7.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-2r6v-2267-cw2r