Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities.
Cisco WebEx recording players. Microsoft Windows, Apple Mac OS X, and Linux versions of the player are all affected. Affected versions of the players are those prior to client builds T27LC SP22 and T27LB SP21 EP3.
Multiple buffer overflow vulnerabilities exist in the WRF and ARF players. The vulnerabilities may lead to a crash of the player application or, in some cases, remote code execution could occur.
Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities, when a web application is configured to use a DBMS, allows remote attackers to obtain potentially sensitive information about the database structure via an id=- query to a .cfm file.
Successful exploitation of the vulnerabilities described in this document could result in a crash of the Cisco WebEx ARF Player or WRF Player application and, in some cases, allow a remote attacker to execute arbitrary code on the system with the privileges of the user who is running the recording player application.
These vulnerabilities were either found during internal testing or reported to Cisco by a variety of sources, including Core Security, TippingPoint, and Fortinet's FortiGuard Labs.
These vulnerabilities are first fixed in T27LC SP22 and T27LB SP21 EP3. For customers who are running T27LC SP22, the client build will be represented as 27.22SP.0.9253. The fix for customers who are running T27LB SP21 will be deployed by WebEx over the next few weeks. The client build will be determined after the software is deployed.
The client build is listed in the Support > Downloads section of the WebEx page after a user authenticates. If a recording player was automatically installed, it will be automatically upgraded to the latest, nonvulnerable version when users access a recording file that is hosted on a WebEx server.