-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability Advisory ID: cisco-sa-20161102-cms Revision: 1.0 For Public Release 2016 November 2 16:00 UTC (GMT) +--------------------------------------------------------------------- Summary ======= A vulnerability in Cisco Meeting Server and Meeting App could allow an unauthenticated, remote attacker to execute arbitrary code on an affected system. The vulnerability exists because the software does not perform sufficient boundary checks on user-supplied data. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted IPv6 input to the vulnerable function. A successful exploit could result in an exploitable buffer underflow condition. An attacker could leverage this buffer underflow condition to incorrectly allocate memory and cause a reload of the device or execute arbitrary code with the privileges of the affected application. Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161102-cms -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iQIcBAEBCgAGBQJYGeeYAAoJEK89gD3EAJB5YUIP/19rgJYyhtMGclvuJki2GnmF 9Wr6KsfgTHZI2uxWOrd2GL8kLt3a8roEeLxY6T7d3aL4J3e5oKTf/eAETuaHsXnA NG1RknOcOn9P0iAY8Hr5UjMfZcIU27EfnnACqclecXbNiH1NWD6WPH6r058041Ib OXW0uTsBWNnhgFTDPuks6rCKBibbKiBYJWi6hFqqhfl7dabh7e4sqIZrR1PYZ1Jb RjfPd5NhD2ksUAeRxuwHD4hGRLQZS5Il+DdpbJ2N7JzhpaMMv6EfevqhImPCe1FM 4C/sjBNbBSYlzwdoVSDwoPLTOS8NJWPK39WC7JB9Jv5JetnV40t0gCvy1AYnVedF AoKnnkaDlsCN/lzW+js5YuKvOV1hRe+r/631TV3VWuC7SHDJCoF4tD8s/ZBugE6k 8xkN23AlsCtgP/5GNUSH4wBOXaidRTPKK5YjT0hsIqV29TYjx5Sn3BKsjIrVqB6O sJDPcxe1p/IbNL0ZRiTnsiPcrZM5uvFigyzSWixT87rfFQV4cawN6VRmjZNxZgCA NEsqCJbXRANreYD840FWleLaw8VCChU2qms3lz4k8GrLuBzZg1o+2IXd923YtCOZ qKp5szHDoPhrxLMZRL7aC9rajPv7uqQQrNOO1FMC8RRu13uriQl2oOzx7WkhZTnG 16o5lSdBYGKg9HouNE3i =m8l2 -----END PGP SIGNATURE-----