Cisco WebEx Network Recording Player远程代码执行漏洞(CVE-2018-0104)
Cisco WebEx Network Recording Player远程代码执行漏洞(CVE-2018-0104)
Cisco WebEx Network Recording Player远程代码执行漏洞(CVE-2018-0104)
发布日期:2018-01-09
更新日期:2018-01-16
受影响系统:
Cisco WebEx Network Recording Player
描述:
BUGTRAQ ID: 102382
CVE(CAN) ID: CVE-2018-0104
Cisco WebEx Meetings是网络会议解决方案。
Cisco WebEx Network Recording Player在处理构造的ARF文件中存在安全漏洞,成功利用后可使攻击者在受影响系统上执行任意代码。
<*来源:Steven Seeley (seeleymagic@hotmail.com)
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180103-warfp
*>
建议:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20180103-warfp)以及相应补丁:
cisco-sa-20180103-warfp:Cisco WebEx Advanced Recording Format Player Remote Code Execution Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180103-warfp
评论暂时关闭