The bugs affect the WebEx WRF and ARF players and some of Cisco s Business Suite builds, WebEx 11 and WebEx Meetings Server. Cisco officials said there aren t any workarounds for the vulnerabilities, but there are fixed versions of each of the vulnerable products available now. The company said the players are sometimes automatically downloaded when a users opens a recorded meeting on a WebEx server. An attacker may be able to accomplish this exploit by providing the malicious recording file directly to users, or by directing a user to a malicious web page.
Source: https://threatpost.com/cisco-fixes-remote-code-execution-flaws-in-several-webex-products/105970/