Thanks Dev for this, what's the extent of damage compared to the security flaw that was discovered in Adobe Connect and led to it being discontinued. I think we should make a thorough comparison because apparently there is no platform that is secure 100%. On Thursday, April 19, 2018, Dev Anand Teelucksingh <devtee@gmail.com> wrote:
https://tools.cisco.com/security/center/content/ CiscoSecurityAdvisory/cisco-sa-20180418-wbs
A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.
The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client. Exploitation of this vulnerability could allow arbitrary code execution on the system of a targeted user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability
This vulnerability disclosed in this advisory affects the clients installed by customers when accessing a WebEx meeting.
-- Regards Nanghaka Daniel K. Executive Director - ILICIT Africa / Chair - FOSSFA / Community Lead - ISOC Uganda Chapter / Geo4Africa Lead / Organising Team - FOSS4G2018 Mobile +256 772 898298 (Uganda) Skype: daniel.nanghaka ----------------------------------------- *"Working for Africa" * -----------------------------------------