Cisco has released a security advisory to address multiple buffer overflow vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players. Successful exploitation of the vulnerabilities could cause an affected player to crash or allow a remote attacker to execute arbitrary code.
The following updates are available:
Cisco WebEx Business Suite (WBS29) client builds T29.2 or later
Cisco WebEx Business Suite (WBS28) client builds T28.12 or later
Cisco WebEx Business Suite (WBS27) client builds T27TLSP32EP16 (27.32.16) or later
Cisco WebEx 11 versions prior to 1.2.10 with client builds T28.12 or later
Cisco WebEx Meetings Server client builds 220.127.116.117 or later
Cisco WebEx Meetings Server client builds Orion 2.0 or later
Users and administrators are encouraged to review the Cisco Security Advisory and apply the necessary updates.