How severe is CVE-2017-12368?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.6 out of 10.

What type of vulnerability is CVE-2017-12368?

This is classified as CWE-119, which is a common weakness in software security.

CVE-2017-12368 - CRITICAL Severity | CVSS 9.6

Vulnerability Description

A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A remote attacker could exploit this by providing a user with a malicious ARF or WRF file via email or URL and convincing the user to launch the file. Exploitation of this could cause an affected player to crash and, in some cases, could allow arbitrary code execution on the system of a targeted user. Cisco Bug IDs: CSCve10584, CSCve10591, CSCve11503, CSCve10658, CSCve11507, CSCve10749, CSCve10744, CSCve11532, CSCve10762, CSCve10764, CSCve11538.

Related Vulnerabilities

CVE-2015-7939

CRITICAL

CVSS:9.6(Critical)

Heap-based buffer overflow in Unitronics VisiLogic OPLC IDE before 9.8.09 allows remote attackers to execute arbitrary code via a long vlp filename.

CWE-1192015

CVE-2016-0003

CRITICAL

CVSS:9.6(Critical)

Microsoft Edge allows remote attackers to execute arbitrary code via unspecified vectors, aka "Microsoft Edge Memory Corruption Vulnerability."

CWE-1192016

CVE-2016-4734

CRITICAL

CVSS:9.6(Critical)

WebKit in Apple iOS before 10, Safari before 10, and tvOS before 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, a differe...

CWE-1192016

CVE-2016-7277

CRITICAL

CVSS:9.6(Critical)

Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

CWE-1192016

CVE-2017-11309

CRITICAL

CVSS:9.6(Critical)

Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.

CWE-1192017

CVE-2017-12367

CRITICAL

CVSS:9.6(Critical)

A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) and WebEx Recording Format (WRF) files. A re...

CWE-1192017