by Bill Brenner
Core Security researchers Federico Muttis, Sebastian Tello and Manuel Muradas teamed to discover two separate vulnerabilities, each affecting a separate Cisco WebEx application. First, the research team manipulated a file created by the Cisco WebEx recorder (carrying the .WRF extension) and played by the WebEx player. A portion of the new file’s execution pointed to a user call instruction and allowed a hacker to execute other functions on the machine.
Source: CSO Online