Cisco WebEx Conferencing Security Vulnerabilities

Tuesday, February 01, 2011



Vulnerabilities in Cisco's WebEx internet video conferencing application have been reported by an independent security research team.

Core Security Technologies revealed a remote access flaw and stack overflow issues that may compromise users' computers or cause them to crash.

The first vulnerability leaves the end-user's computer open to remote execution of commands by an attacker because part of the process code in a WRF file created by the WebEx recorder points to a user call instruction.

The second vulnerability causes meeting attendees' computers to crash if a minor alteration is made to the XML code in a file that controls the WebEx polling feature prior to a poll being issued.

Core Security shared the information with Cisco in an effort to produce solutions to the flaws prior to publicly disclosing the vulnerabilities.

Alex Horan, senior product manager at Core Security Technologies, told SecurityWeek, "sometimes innocent actions, such as opening an email attachment that appears to be a recorded WebEx presentation, can leave a computer vulnerable to hackers."

"For this reason, Core Security regularly investigates common applications to make sure they do not present new previously unknown vulnerabilities. In this case, a well-known development concern, stack overflow, is at fault. It demonstrates yet again how companies need to be constantly vigilant in testing their systems for new ways data could be compromised."

To remediate the first vulnerability, Core Security recommends WebEx users uninstall previous versions of the application and replace them with the updated version found here.

Cisco has implemented a fix on the WebEx server side to prevent attendee computer crashes caused by the second vulnerability.

Core Security offers more details on the flaws and the fixes here.

