Solutionary ID: SERT-VDN-1019
Risk Rating: Low
CVE ID: CVE-2016-4349
Product: WebEx Productivity Tools
Application Vendor: Cisco
Vendor URL: https://www.webex.com/
Date discovered: 02/17/2016
Discovered by: Jose Hernandez, Jacob Faires, and Solutionary Engineering Research Team (SERT)
Vendor notification date: 03/02/2016
Vendor response date: 03/02/2016
Vendor acknowledgment date: 04/12/2016
Public disclosure date: 04/18/2016
Type of vulnerability: Insecure Library Loading (DLL Hijacking)
Exploit Vectors: Local
Vulnerability Description: WebEx Productivity Tools is vulnerable to a Insecure Library Loading vulnerability. The libraries identified as being vulnerable are msimg32.dll, SXS.dll, RpcRtRemote.dll, CRYPTSP.dll, dwmapi.dll,Secur32.dll, PROPSYS.dll, ntmarta.dll, UXTheme.dll, and Riched20.dll. The vulnerability lies in the way Microsoft Windows loads DLLs. If applications fail to load a library from a path, Microsoft Windows searches several default paths to find and load the library. A malicious attacker can create a malicious DLL with the same name and place it in a directory where Microsoft Windows searches by default. The application will load the malicious DLL resulting in arbitrary code execution.
Tested on: Windows 7 SP1
Affected software versions: 2.40.5001.10012
Impact: Successful exploitation allows local arbitrary code execution.
Fixed in: No Plans For Patch
Remediation guidelines: Restrict access to the application to trusted networks and enforce strict restrictions for access to the application libraries. Update the software should a patch become available.