Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco webex meetings server 1.1 base vulnerabilities and exploits

(subscribe to this query)

6.8
CVSSv2
CVE-2017-6669
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious ARF file via email or URL and convincing the user to launch...
Cisco Webex Arf Player 29.10 Base
5
CVSSv2
CVE-2014-3569
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected...
Openssl Openssl 1.0.1j
5
CVSSv2
CVE-2014-3570
The BN_sqr implementation in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not properly calculate the square of a BIGNUM value, which might make it easier for remote attackers to defeat cryptographic protection mechanisms via unspecified vectors,...
Openssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
5
CVSSv2
CVE-2014-3571
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted DTLS message that is processed with a different read operation for the handshake header than...
Openssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
5
CVSSv2
CVE-2014-3572
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message....
Openssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
5
CVSSv2
CVE-2014-8275
OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k does not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a...
Openssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
4.3
CVSSv2
CVE-2015-0204
The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a...
Openssl OpensslOpenssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
5
CVSSv2
CVE-2015-0205
The ssl3_get_cert_verify function in s3_srvr.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k accepts client authentication with a Diffie-Hellman (DH) certificate without requiring a CertificateVerify message, which allows remote attackers to obtain access without...
Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
5
CVSSv2
CVE-2015-0206
Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay...
Openssl Openssl 1.0.0aOpenssl Openssl 1.0.0bOpenssl Openssl 1.0.0cOpenssl Openssl 1.0.0dOpenssl Openssl 1.0.0eOpenssl Openssl 1.0.0fOpenssl Openssl 1.0.0gOpenssl Openssl 1.0.0hOpenssl Openssl 1.0.0iOpenssl Openssl 1.0.0jOpenssl Openssl 1.0.0kOpenssl Openssl 1.0.0lOpenssl Openssl 1.0.0mOpenssl Openssl 1.0.0nOpenssl Openssl 1.0.0oOpenssl Openssl 1.0.1aOpenssl Openssl 1.0.1bOpenssl Openssl 1.0.1cOpenssl Openssl 1.0.1dOpenssl Openssl 1.0.1eOpenssl Openssl 1.0.1fOpenssl Openssl 1.0.1gOpenssl Openssl 1.0.1hOpenssl Openssl 1.0.1iOpenssl Openssl 1.0.1j
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
IDORCVE-2021-25336CVE-2020-35489internmentCVE-2021-21978CVE-2021-26293CVE-2021-26965CVE-2020-29032XML injectioninternment projectencryptiontoodeetruetype