Executive Summary

Informations
NameCVE-2018-15419First vendor Publication2018-10-05
VendorCveLast vendor Modification2018-11-27

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score9.3Attack RangeNetwork
Cvss Impact Score10Attack ComplexityMedium
Cvss Expoit Score8.6AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15419

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application2
Application3
Application2
Application18

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/105520
CISCO https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-s...
SECTRACK http://www.securitytracker.com/id/1041795

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2018-11-27 17:20:17
  • Multiple Updates
2018-10-07 17:19:24
  • Multiple Updates
2018-10-05 21:19:42
  • First insertion