Medium severity6.5NVD Advisory· Published Nov 30, 2017· Updated May 13, 2026

CVE-2017-12359

Description

A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute arbitrary code on a system. An attacker could exploit this vulnerability by providing a user with a malicious .arf file via email or URL and convincing the user to launch the file. Exploitation of this vulnerability could allow arbitrary code execution on the system of the targeted user. This vulnerability affects Cisco WebEx Business Suite meeting sites, Cisco WebEx Meetings sites, Cisco WebEx Meetings Server, and Cisco WebEx ARF players. Cisco Bug IDs: CSCve10729, CSCve10771, CSCve10779, CSCve11521, CSCve11543.

Affected products

Cisco Systems, Inc./Webex Meeting Center4 versions
cpe:2.3:a:cisco:webex_meeting_center:t29:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:cisco:webex_meeting_center:t29:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:webex_meeting_center:t30:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:webex_meeting_center:t31:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:webex_meeting_center:t32:*:*:*:*:*:*:*
Cisco Systems, Inc./Webex Meetings Server2 versions
cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:webex_meetings_server:2.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:cisco:webex_meetings_server:2.7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webexnvdVendor Advisory
www.securityfocus.com/bid/102186nvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000