Vulnerabilities > CVE-2016-4349 - Unspecified vulnerability in Cisco Webex Productivity Tools 2.40.5001.10012

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

cisco

NVD

Published: 2016-04-28

Updated: 2016-05-04

Summary

Untrusted search path vulnerability in Cisco WebEx Productivity Tools 2.40.5001.10012 allows local users to gain privileges via a Trojan horse cryptsp.dll, dwmapi.dll, msimg32.dll, ntmarta.dll, propsys.dll, riched20.dll, rpcrtremote.dll, secur32.dll, sxs.dll, or uxtheme.dll file in the current working directory, aka Bug ID CSCuy56140.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Webex Productivity Tools 2.40.5001.10012	1

References

https://www.solutionary.com/threat-intelligence/vulnerability-disclosures/2016/04/webex-productivity-tools/