Zero-Day Advisory
Fortinet Discovers Cisco WebEx WRF and ARF Player Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered one buffer overflow vulnerability in Cisco WebEx WRF and ARF Player.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Cisco.WebEx.ARF.Players.Out.Of.Bound.Memory.Read
Released May 13, 2014
Users should apply the solution provided by Cisco.
Additional Information
The vulnerability can be triggered when opening a maliciously crafted WebEx file which contains a malformed field.
References
Acknowledgement
This vulnerability was discovered by Zhenhua Liu of Fortinet's FortiGuard Labs.