Cisco has addressed a critical arbitrary program execution vulnerability in its Jabber client software. The flaw was reported by Olav Sortland Thoresen of Watchcom. The security flaw was rated by Cisco with a 9.9/10 severity score. It is caused by improper input validation of incoming messages’ contents. Cisco also published 37 other security advisories today, detailing security updates for other medium and high severity security flaws in multiple Cisco products. These bugs could enable remote attackers to execute arbitrary programs, gain access to sensitive information.
Source: https://www.bleepingcomputer.com/news/security/cisco-addresses-critical-bug-in-windows-macos-jabber-clients/