CVE-2006-3423

2006-07-07T00:05:00
ID CVE-2006-3423
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:47:00

Description

WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file. Upgrade to version 2.1.0.0.