Several critical vulnerabilities found in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files.
Cisco WebEx is an organization that provides on-demand collaboration, online meeting, web conferencing and video conferencing apps. This secure software-based platform for video and audio conferencing help companies be more productive.
A remote attacker could exploit these security flaws by delivering a malicious ARF or WRF file to the victim via email or URL and urging the victim to launch the file. Successful exploitation of these vulnerabilities could cause a denial-of-service (DoS) situation in the software (the app will be crashed) and probably execute arbitrary code on the victim machine.
Cisco has updated the affected versions of the Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF and WRF Players to patch these critical issues.
To detect if a Cisco WebEx meeting website is running an affected version of the WebEx client build, users can log in to the WebEx meeting website and move to the Support > Downloads section, on the right side of the page under About Meeting Center, you will see the version of the WebEx client.