2974 matches found
WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/26430/info WebEx is prone to multiple remote denial-of-service vulnerabilities. Attackers can exploit these issues to crash applications that use the ActiveX control, denying service to legitimate users. function Check var obj = new...
WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities
WebEx GPCContainer - Memory Access Violation Multiple Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/26430/info WebEx is prone to multiple remote denial-of-service vulnerabilities. Attackers can exploit these issues to crash applications that use the ActiveX control,...
WebEx Downloader ActiveX Control Command Injection
The Windows remote host contains the WebEx Downloader ActiveX control, which is used when attending or hosting a meeting using WebEx, a sharing and conferencing application for Windows. The version of this ActiveX control on the remote host reportedly allows an attacker to deliver arbitrary...
Multiple WebEx downloader plugin vulnerabilities
Buffer overflow, code execution...
WebEx Downloader Plug-in Multiple Vulnerabilities + rant
All these vulnerabilities were reported to WebEx by NGS Software back on the 24th February 2005 along with some other issues. The current Director of the X-Force new about these issues as at the time of their discovery, he worked with NGS. Seeing as I'm the subject, here is another example whereb...
[SA20956] WebEx Downloader Plug-in Multiple Vulnerabilities
---------------------------------------------------------------------- Reverse Engineer Wanted Secunia offers a Security Specialist position with emphasis on reverse engineering of software and exploit code, auditing of source code, and analysis of vulnerability reports...
ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability
ZDI-06-021: WebEx Downloader Plug-in Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-021.html July 6, 2006 -- CVE ID: CVE-2006-3423 -- Affected Vendor: WebEx Communications -- Affected Products: WebEx Downloader Plug-in tested on v2.0.0.7 -- TippingPointTM IPS...
CVE-2006-3424
Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors...
CVE-2006-3423
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file...
CVE-2006-3424
CVE-2006-3424 concerns multiple buffer overflows in the WebEx Downloader ActiveX Control, potentially affecting versions prior to November 2005. The vulnerability could allow remote code execution by an attacker via unspecified attack vectors. The connected documents confirm the affected componen...
CVE-2006-3424
Multiple buffer overflows in WebEx Downloader ActiveX Control, possibly in versions before November 2005, allow remote attackers to execute arbitrary code via unspecified vectors...
CVE-2006-3423
CVE-2006-3423 affects WebEx Downloader ActiveX/Java controls prior to version 2.1.0.0. The vulnerability stems from lack of validation of downloaded components and control parameters (notably GpcUrlRoot and GpcIniFileName), allowing an attacker to supply a configuration file that can lead to DLL ...
CVE-2006-3423
WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file...
WebEx Downloader Plug-in Code Execution Vulnerability
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the WebEx Downloader Plug-in. Successful exploitation requires that the target user browse to a malicious web page. The specific flaws exists due to the lack of input validation on various ActiveX/Java...