Cisco patches critical WebEx security holes
Summary: Cisco WebEx WRF Player vulnerable to six code execution vulnerabilities.
Cisco has released a security fix for at least six security holes that expose users of its WebEx Player software to remote code execution attacks.
The affected Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee.
Here's the skinny from Cisco's advisory:
Multiple buffer overflow vulnerabilities exist in the WRF Player. The vulnerabilities may lead to a crash of the WRF Player application, or in some cases, lead to remote code execution.
To exploit a vulnerability, a malicious WRF file would need to be opened by the WRF Player application. An attacker may be able to accomplish this by providing the malicious WRF file directly to users (for example, via e-mail), or by convincing users to visit a malicious website. The vulnerability cannot be triggered by users attending a WebEx meeting.
For corporate users that rely heavily on WebEx recordings, this should be treated as a high-priority update.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Wow
make screwups like this. Sheesh. :(
RE: Cisco patches critical WebEx security holes
Just the software that plays them back.
RE: Cisco patches critical WebEx security holes
<a href="http://www.yuregininsesi.com">sesli sohbet</a> <a href="http://www.yuregininsesi.com">sesli chat</a>