安全研究
安全漏洞
Cisco Webex Network Recording Player and Webex Player内存破坏漏洞(CVE-2021-1502)
发布日期:2021-06-02
更新日期:2021-06-04
受影响系统:Cisco Webex Network Recording Player for Windows < 41.4
Cisco Webex Player for Windows < 41.4
Cisco Webex Network Recording Player for MacOS < 41.4
Cisco Webex Player for MacOS < 41.4
描述:
CVE(CAN) ID:
CVE-2021-1502
WebEx Network Recording Player是一款录制高级文件格式文件WebEx播放器。
Cisco Webex Network Recording Player for Windows和MacOS 41.4之前版本和Cisco Webex Player for Windows和MacOS 41.4之前版本存在内存破坏漏洞。该漏洞源于程序未对高级录制格式(ARF)或Webex录制格式(WRF)的Webex录制文件中的值进行正确验证。攻击者可通过发送恶意ARF或WRF文件利用该漏洞在受影响的系统上执行任意代码。
<*来源:Kushal Arvind Shah(Fortinet's FortiGuard Labs)
链接:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-dOJ2jOJ
*>
建议:
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-webex-player-dOJ2jOJ)以及相应补丁:
cisco-sa-webex-player-dOJ2jOJ:Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability
链接:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-player-dOJ2jOJ浏览次数:1374
严重程度:0(网友投票)
本安全漏洞由绿盟科技翻译整理,版权所有,未经许可,不得转载
绿盟科技给您安全的保障 |
