CVE-2016-1464

Published: Sep 3, 2016Modified: May 6, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Cisco WebEx Meetings Player T29.10, when WRF file support is enabled, allows remote attackers to execute arbitrary code via a crafted file, aka Bug ID CSCva09375.

Affected (1)

Products: Cisco: Webex Wrf Player T29

Cisco

1 product

Webex Wrf Player T29

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Webex Wrf Player T29	Version sp10_base

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (8)

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player

Source: psirt@cisco.com

Vendor Advisory

http://www.securityfocus.com/bid/92708

Source: psirt@cisco.com

http://www.securitytracker.com/id/1036712

Source: psirt@cisco.com

https://www.exploit-db.com/exploits/40508/

Source: psirt@cisco.com

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160831-meetings-player

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/92708

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id/1036712

Source: af854a3a-2127-422b-91ae-364da2661108

https://www.exploit-db.com/exploits/40508/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.