Security News > 2017 > January > The latest on the critical RCE Cisco WebEx extension vulnerability (Help Net Security)
2017-01-30 15:14
Since Google bug hunter Tavis Ormandy revealed the existence of a remotely exploitable code execution flaw in the Cisco WebEx extension for Google Chrome last week, Cisco has pushed out several updates for it in quick succession. We’re now up to version 1.0.7 (the initial update to fix the flaw was 1.0.3), and ostensibly the vulnerability has now been fixed. The latest update of the security advisory detailing the issue says that the WebEx extensions … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/xd5ORaZMUI4/
Related news
- Gladinet’s Triofox and CentreStack Under Active Exploitation via Critical RCE Vulnerability (source)
- Critical Commvault RCE vulnerability fixed, PoC available (CVE-2025-34028) (source)
- CISA Warns of CentreStack's Hard-Coded MachineKey Vulnerability Enabling RCE Attacks (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Cisco Webex bug lets hackers gain code execution via meeting links (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Critical Langflow RCE flaw exploited to hack AI app servers (source)
- SysAid Patches 4 Critical Flaws Enabling Pre-Auth RCE in On-Premise Version (source)