Details of VAR-201706-0585

ID

VAR-201706-0585

CVE

CVE-2017-6669

TITLE

Cisco WebEx Network Recording Player ARF File Memory Corruption Remote Code Execution Vulnerability

Trust: 1.4

sources: ZDI: ZDI-17-444 // ZDI: ZDI-17-443

DESCRIPTION

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch the file. Exploitation of these vulnerabilities could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. The Cisco WebEx Network Recording Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee. The player can be automatically installed when the user accesses a recording file that is hosted on a WebEx server. The following client builds are affected by this vulnerability: Cisco WebEx Business Suite (WBS29) client builds prior to T29.13.130, Cisco WebEx Business Suite (WBS30) client builds prior to T30.17, Cisco WebEx Business Suite (WBS31) client builds prior to T31.10. Cisco Bug IDs: CSCvc47758 CSCvc51227 CSCvc51242. Vendors have confirmed this vulnerability Bug ID CSCvc47758 , CSCvc51227 ,and CSCvc51242 It is released as.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute arbitrary code under the context of the current process. A buffer overflow vulnerability exists in Cisco WebExNetworkRecordingPlayer. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Versions prior to 10

Trust: 4.41

sources: NVD: CVE-2017-6669 // JVNDB: JVNDB-2017-005144 // ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443 // CNVD: CNVD-2017-16244 // BID: 99196 // VULHUB: VHN-114872

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2017-16244

AFFECTED PRODUCTS

vendor:	cisco	model:	webex business suite client	scope:	eq	version:	0	Trust: 2.7
vendor:	cisco	model:	webex	scope:	-	version:	-	Trust: 2.1
vendor:	cisco	model:	webex advanced recording format player	scope:	eq	version:	29.10	Trust: 1.0
vendor:	cisco	model:	webex meetings player t29.10	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	webex network recording player	scope:	eq	version:	0	Trust: 0.9
vendor:	cisco	model:	webex advanced recording format player	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	webex arf player	scope:	eq	version:	29.10_base	Trust: 0.6
vendor:	cisco	model:	webex business suite client t31.10	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	webex business suite client t30.17	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	webex business suite client t29.13.130	scope:	ne	version:	-	Trust: 0.3

sources: ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443 // CNVD: CNVD-2017-16244 // BID: 99196 // JVNDB: JVNDB-2017-005144 // CNNVD: CNNVD-201706-951 // NVD: CVE-2017-6669

CVSS

SEVERITY

CVSSV2

CVSSV3

ZDI:	CVE-2017-6669
value:	MEDIUM
Trust: 2.1
nvd@nist.gov:	CVE-2017-6669
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6669
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2017-16244
value:	MEDIUM
Trust: 0.6
CNNVD:	CNNVD-201706-951
value:	HIGH
Trust: 0.6
VULHUB:	VHN-114872
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2017-6669
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 3.9
CNVD:	CNVD-2017-16244
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-114872
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6669
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2017-6669
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443 // CNVD: CNVD-2017-16244 // VULHUB: VHN-114872 // JVNDB: JVNDB-2017-005144 // CNNVD: CNNVD-201706-951 // NVD: CVE-2017-6669

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-114872 // JVNDB: JVNDB-2017-005144 // NVD: CVE-2017-6669

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201706-951

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201706-951

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-005144

PATCH

title:	cisco-sa-20170621-wnrp	url:	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-wnrp	Trust: 2.9
title:	Patch for CiscoWebExCiscoWebExNetworkRecordingPlayer Buffer Overflow Vulnerability	url:	https://www.cnvd.org.cn/patchInfo/show/98683	Trust: 0.6
title:	Cisco WebEx Network Recording Player Buffer error vulnerability fix	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=71173	Trust: 0.6

sources: ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443 // CNVD: CNVD-2017-16244 // JVNDB: JVNDB-2017-005144 // CNNVD: CNNVD-201706-951

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6669	Trust: 5.5
db:	BID	id:	99196	Trust: 2.6
db:	SECTRACK	id:	1038737	Trust: 1.7
db:	JVNDB	id:	JVNDB-2017-005144	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-4277	Trust: 0.7
db:	ZDI	id:	ZDI-17-442	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-4279	Trust: 0.7
db:	ZDI	id:	ZDI-17-444	Trust: 0.7
db:	ZDI_CAN	id:	ZDI-CAN-4278	Trust: 0.7
db:	ZDI	id:	ZDI-17-443	Trust: 0.7
db:	CNNVD	id:	CNNVD-201706-951	Trust: 0.7
db:	CNVD	id:	CNVD-2017-16244	Trust: 0.6
db:	VULHUB	id:	VHN-114872	Trust: 0.1

sources: ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443 // CNVD: CNVD-2017-16244 // VULHUB: VHN-114872 // BID: 99196 // JVNDB: JVNDB-2017-005144 // CNNVD: CNNVD-201706-951 // NVD: CVE-2017-6669

REFERENCES

url:	https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20170621-wnrp	Trust: 4.1
url:	http://www.securityfocus.com/bid/99196	Trust: 2.3
url:	http://www.securitytracker.com/id/1038737	Trust: 1.7
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6669	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6669	Trust: 0.8
url:	http://www.cisco.com/	Trust: 0.3

CREDITS

Steven Seeley of Source Incite

Trust: 2.1

sources: ZDI: ZDI-17-442 // ZDI: ZDI-17-444 // ZDI: ZDI-17-443

SOURCES

db:	ZDI	id:	ZDI-17-442
db:	ZDI	id:	ZDI-17-444
db:	ZDI	id:	ZDI-17-443
db:	CNVD	id:	CNVD-2017-16244
db:	VULHUB	id:	VHN-114872
db:	BID	id:	99196
db:	JVNDB	id:	JVNDB-2017-005144
db:	CNNVD	id:	CNNVD-201706-951
db:	NVD	id:	CVE-2017-6669

LAST UPDATE DATE

2024-11-23T23:05:25.609000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-17-442	date:	2017-06-23T00:00:00
db:	ZDI	id:	ZDI-17-444	date:	2017-06-23T00:00:00
db:	ZDI	id:	ZDI-17-443	date:	2017-06-23T00:00:00
db:	CNVD	id:	CNVD-2017-16244	date:	2017-07-24T00:00:00
db:	VULHUB	id:	VHN-114872	date:	2017-07-07T00:00:00
db:	BID	id:	99196	date:	2017-06-21T00:00:00
db:	JVNDB	id:	JVNDB-2017-005144	date:	2017-07-19T00:00:00
db:	CNNVD	id:	CNNVD-201706-951	date:	2021-04-07T00:00:00
db:	NVD	id:	CVE-2017-6669	date:	2024-11-21T03:30:16.123

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-17-442	date:	2017-06-23T00:00:00
db:	ZDI	id:	ZDI-17-444	date:	2017-06-23T00:00:00
db:	ZDI	id:	ZDI-17-443	date:	2017-06-23T00:00:00
db:	CNVD	id:	CNVD-2017-16244	date:	2017-07-24T00:00:00
db:	VULHUB	id:	VHN-114872	date:	2017-06-26T00:00:00
db:	BID	id:	99196	date:	2017-06-21T00:00:00
db:	JVNDB	id:	JVNDB-2017-005144	date:	2017-07-19T00:00:00
db:	CNNVD	id:	CNNVD-201706-951	date:	2017-06-23T00:00:00
db:	NVD	id:	CVE-2017-6669	date:	2017-06-26T07:29:00.230