Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:6BFA49558B975C0A10DCE2CF2C0795EB
HistoryAug 22, 2008 - 12:00 a.m.

WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow

2008-08-2200:00:00
SAINT Corporation
download.saintcorporation.com
13

0.925 High

EPSS

Percentile

99.0%

JSON

Added: 08/22/2008
CVE: CVE-2008-3558
BID: 30578
OSVDB: 47344

Background

The WebEx Meeting Manager is automatically installed when a user starts or joins a meeting.

Problem

A buffer overflow vulnerability in the **atucfobj.dll** ActiveX control allows command execution when a user loads a web page which calls the **NewObject** method with a specially crafted parameter.

Resolution

Remove the WebEx Meeting Manager. A fixed version will be installed the next time a user starts or joins a meeting hosted by a WebEx server running a fixed software version.

References

<http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0084.html&gt;
<http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml&gt;

Limitations

Exploit works on WebEx Meeting Manager 20.2008.2601.4928 and requires a user to load the exploit page in Internet Explorer.

Platforms

Windows

Related

cve 2
saint 3
cisco 1
nessus 1
d2 1
checkpoint_advisories 2
prion 2
nvd 2
packetstorm 1
cvelist 1
cert 1
cve
cve
CVE-2008-3558
2008-08-08 19:41:00
CVE-2008-2737
2022-10-03 16:14:05
saint
saint
WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow
2008-08-22 00:00:00
WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow
2008-08-22 00:00:00
WebEx Meeting Manager atucfobj.dll ActiveX buffer overflow
2008-08-22 00:00:00
cisco
cisco
Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
2008-08-14 22:30:00
nessus
nessus
WebEx Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow
2008-08-11 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_WEBEX
2008-08-08 19:41:00
checkpoint_advisories
checkpoint_advisories
Cisco WebEx Meeting Manager ActiveX Control Buffer Overflow (CVE-2008-3558)
2008-08-18 00:00:00
Cisco WebEx UCF atucfobj.dll ActiveX NewObject Buffer Overflow - Ver2 (CVE-2008-3558)
2014-04-16 00:00:00
prion
prion
Stack overflow
2008-08-08 19:41:00
Design/Logic Flaw
2008-08-18 20:41:00
nvd
nvd
CVE-2008-3558
2008-08-08 19:41:00
CVE-2008-2737
2008-08-18 20:41:00
packetstorm
packetstorm
WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow
2010-03-04 00:00:00
cvelist
cvelist
CVE-2008-3558
2008-08-08 19:00:00
cert
cert
Cisco WebEx Meeting Manager WebexUCFObject ActiveX Control stack buffer overflow
2008-08-15 00:00:00

0.925 High

EPSS

Percentile

99.0%

JSON
Related for SAINT:6BFA49558B975C0A10DCE2CF2C0795EB
cve2saint3cisco1nessus1d21checkpoint_advisories2prion2nvd2packetstorm1cvelist1cert1