CVE-2014-0666
Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
| Software | From | Fixed in |
|---|---|---|
| cisco / jabber | 9.1 | 9.1.x |
| cisco / jabber | 9.0(.4) | 9.0(.4).x |
| cisco / jabber | 9.1(.0) | 9.1(.0).x |
| cisco / jabber | 9.0(.3) | 9.0(.3).x |
| cisco / jabber | 9.1(.3) | 9.1(.3).x |
| cisco / jabber | 9.1(.2) | 9.1(.2).x |
| cisco / jabber | 9.0 | 9.0.x |
| cisco / jabber | 9.1(.5) | 9.1(.5).x |
| cisco / jabber | 9.2 | 9.2.x |
| cisco / jabber | - | 9.2\(.1\).x |
| cisco / jabber | 9.0(.0) | 9.0(.0).x |
| cisco / jabber | 9.1(.4) | 9.1(.4).x |
| cisco / jabber | 9.0(.1) | 9.0(.1).x |
| cisco / jabber | 9.0(.5) | 9.0(.5).x |
| cisco / jabber | 9.0(.2) | 9.0(.2).x |
| cisco / jabber | 9.2(.0) | 9.2(.0).x |
| cisco / jabber | 9.1(.1) | 9.1(.1).x |
- http://osvdb.org/102122
- http://secunia.com/advisories/56331
- http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666
- http://tools.cisco.com/security/center/viewAlert.x?alertId=32451
- http://www.securityfocus.com/bid/64965
- http://www.securitytracker.com/id/1029635
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90435
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime