New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 5.9
SynopsisThe video player installed on the remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe version of Cisco WebEx Network Recording Player installed on the remote host is affected by a remote code execution vulnerability due to multiple buffer overflow conditions in the Advanced Recording Format (ARF) file player. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted ARF file using email or a URL, to cause a denial of service condition or the execution of arbitrary code.
SolutionUpgrade to the relevant fixed version of WebEx Network Recording Player referenced in Cisco advisory cisco-sa-20170621-wnrp.