Cisco Webex Network Recording Player and Cisco Webex Player Denial of Service Vulnerability

A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an attacker to cause a process crash resulting in a Denial of service (DoS) condition for the player application on an affected system. The vulnerability exists due to insufficient validation of certain elements with a Webex recording stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file through a link or email attachment and persuading the user to open the file with the affected software on the local system. A successful exploit could allow the attacker to cause the Webex player application to crash when trying to view the malicious file.

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

输入验证不恰当

Cisco Webex Network Recording Player和Cisco Webex Player 输入验证错误漏洞

Cisco Webex Network Recording Player和Cisco Webex Network Webex Player都是美国思科（Cisco）公司的一款用于播放视频会议记录的播放器。 Cisco Webex Network Recording Player和Cisco Webex Player基于Windows平台存在输入验证错误漏洞。攻击者可通过链接或邮件附件发送恶意的ARF或WRF文件并诱使用户打开该文件利用该漏洞造成进程崩溃，导致拒绝服务。

N/A

N/A