How severe is CVE-2018-0112?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9 out of 10.

What type of vulnerability is CVE-2018-0112?

This is classified as CWE-20, which is a common weakness in software security.

CVE-2018-0112

CRITICAL Year: 2018

CVSS v3 Score

9.0

Critical

CVSS v2 Score

6.0

Medium

Weakness Type

CWE-20

View all →

Vulnerability Description

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient input validation by the Cisco WebEx clients. An attacker could exploit this vulnerability by providing meeting attendees with a malicious Flash (.swf) file via the file-sharing capabilities of the client. Exploitation of this vulnerability could allow arbitrary code execution on the system of a targeted user. This affects the clients installed by customers when accessing a WebEx meeting. The following client builds of Cisco WebEx Business Suite (WBS30, WBS31, and WBS32), Cisco WebEx Meetings, and Cisco WebEx Meetings Server are impacted: Cisco WebEx Business Suite (WBS31) client builds prior to T31.23.2, Cisco WebEx Business Suite (WBS32) client builds prior to T32.10, Cisco WebEx Meetings with client builds prior to T32.10, Cisco WebEx Meetings Server builds prior to 2.8 MR2. Cisco Bug IDs: CSCvg19384, CSCvi10746.

CVE-2017-3241

CRITICAL

CVSS:9.0(Critical)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u1...

CWE-202017

CVE-2018-4007

CRITICAL

CVSS:9.0(Critical)

An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An a...

CWE-202018

CVE-2018-4054

CRITICAL

CVSS:9.0(Critical)

A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to escalate...

CWE-202018

CVE-2019-10063

CRITICAL

CVSS:9.0(Critical)

Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1.3.1 allows a sandbox bypass. Flatpak versions since 0.8.1 address CVE-2017-5226 by using a seccomp filter to prevent sandboxed ap...

CWE-202019

CVE-2019-11460

CRITICAL

CVSS:9.0(Critical)

An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 prior to 3.30.2.2, and 3.32 prior to 3.32.1.1. A compromised thumbnailer may escape the bubblewrap sandbox used to confine thumbnail...

CWE-202019

CVE-2019-11595

CRITICAL

CVSS:9.0(Critical)

In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest...

CWE-202019

CVE-2018-0112

Vulnerability Description

Related Vulnerabilities

CVE-2017-3241

CVE-2018-4007

CVE-2018-4054

CVE-2019-10063

CVE-2019-11460

CVE-2019-11595