CVE-2014-0666
Cisco Jabber < 9.2(1) - Remote Code Execution via Send Screen Capture
Title source: llmDescription
Directory traversal vulnerability in the Send Screen Capture implementation in Cisco Jabber 9.2(.1) and earlier on Windows allows remote attackers to upload arbitrary types of files, and consequently execute arbitrary code, via modified packets, aka Bug ID CSCug48056.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029635
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-0666
Vendor Advisory x_refsource_confirm
http://tools.cisco.com/security/center/viewAlert.x?alertId=32451
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/56331
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/64965
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90435
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/102122
Scores
EPSS
0.0554
EPSS Percentile
91.9%
Details
CWE
CWE-22
Status
published
Products (17)
cisco/jabber
9.0
cisco/jabber
9.0\(.0\)
cisco/jabber
9.0\(.1\)
cisco/jabber
9.0\(.2\)
cisco/jabber
9.0\(.3\)
cisco/jabber
9.0\(.4\)
cisco/jabber
9.0\(.5\)
cisco/jabber
9.1
cisco/jabber
9.1\(.0\)
cisco/jabber
9.1\(.1\)
... and 7 more
Published
Jan 16, 2014
Tracked Since
Feb 18, 2026