4 results (0.004 seconds)

CVSS: 9.3EPSS: 16%CPEs: 63EXPL: 0

25 Jul 2017 — A vulnerability in Cisco WebEx browser extensions for Google Chrome and Mozilla Firefox could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on an affected system. This vulnerability affects the browser extensions for Cisco WebEx Meetings Server, Cisco WebEx Centers (Meeting Center, Event Center, Training Center, and Support Center), and Cisco WebEx Meetings when they are running on Microsoft Windows. The vulnerability is due to a design defec... • http://www.securityfocus.com/bid/99614 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 79%CPEs: 54EXPL: 1

01 Feb 2017 — An issue was discovered in the Cisco WebEx Extension before 1.0.7 on Google Chrome, the ActiveTouch General Plugin Container before 106 on Mozilla Firefox, the GpcContainer Class ActiveX control plugin before 10031.6.2017.0126 on Internet Explorer, and the Download Manager ActiveX control plugin before 2.1.0.10 on Internet Explorer. A vulnerability in these Cisco WebEx browser extensions could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the affected browser on ... • https://packetstorm.news/files/id/140870 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.8EPSS: 0%CPEs: 1EXPL: 0

26 Jan 2017 — A vulnerability in a URL parameter of Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to perform site redirection. More Information: CSCzu78401. Known Affected Releases: T28.1. Una vulnerabilidad en un parámetro URL de Cisco WebEx Meeting Center podría permitir a un atacante remoto no autenticado realizar redirección de sitio. Más información: CSCzu78401. • http://www.securityfocus.com/bid/95642 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 7.8EPSS: 12%CPEs: 291EXPL: 0

04 Apr 2016 — The encryption-processing feature in Cisco libSRTP before 1.5.3 allows remote attackers to cause a denial of service via crafted fields in SRTP packets, aka Bug ID CSCux00686. La característica de procesado de cifrado en Cisco libSRTP en versiones anteriores a 1.5.3 permite a atacantes remotos provocar una denegación de servicio a través de campos manipulados en paquetes SRTP, también conocida como Bug ID CSCux00686. Randell Jesup and the Firefox team discovered that srtp, Cisco's reference implementation o... • http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •