VDB
CVE-2017-12359
CVE-2017-12359
PUBLISHED
CVSS 4.300000190734863 MEDIUM
A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file. Exploitation of this vulnerability could allow arbitrary code execution on the system of the targeted user. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCve10729, CSCve10771, CSCve10779, CSCve11521, CSCve11543.
EPSS 1.03% · 77.7th percentile
Risk Scores
CVSS 2.0
4.300000190734863
EPSS Score
1.03%
77.7th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| cisco | webex_meetings_server | 2.6.0, 2.7.0 |
| cisco | webex_meeting_center | t29, t30, t31 |
| n/a | Cisco WebEx Network Recording Player | Cisco WebEx Network Recording Player |
Exploit Intelligence
Timeline
- Nov 29, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
- Mar 7, 2023 EPSS Score