CVE-2014-0666

critical

Description

Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/90435

http://www.securitytracker.com/id/1029635

http://www.securityfocus.com/bid/64965

http://tools.cisco.com/security/center/viewAlert.x?alertId=32451

http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666

http://secunia.com/advisories/56331

http://osvdb.org/102122

Details

Source: Mitre, NVD

Published: 2014-01-16

Updated: 2017-08-29

Risk Information

CVSS v2

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical