Security News > 2017 > January > The latest on the critical RCE Cisco WebEx extension vulnerability (Help Net Security)
2017-01-30 15:14
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has pushed out several updates for it in quick succession. We’re now up to version 1.0.7 (the initial update to fix the flaw was 1.0.3), and ostensibly the vulnerability has now been fixed. The latest update of the security advisory detailing the issue says that the WebEx extensions … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/xd5ORaZMUI4/
Related news
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) (source)
- Cisco warns of Webex for BroadWorks flaw exposing credentials (source)
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)