CVE-2018-15421 – Examining a Stack-based Overflow in the Cisco Webex Network Recording Player

Over this past year, several different researchers submitted bug reports in the Cisco Webex suite of programs. However, in their more than 40 submissions, they missed this trivial stack-based buffer overflow. This blog details ZDI-18-1078, a vulnerability in Cisco Webex Network Recording Player version 31.23.2.58 (now reaching its EOL) that results in remote code execution.

https://www.zerodayinitiative.com/blog/2018/9/27/cve-2018-15421-examining-a-stack-based-overflow-in-the-cisco-webex-network-recording-player