|
|
CVE Reference: CVE-2006-3423 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-3423 |
|
|
Description: WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/24370 ST 1016446 SAID Secunia Advisory: SA20956 OSVDB 27040 27039 MISC http://www.zerodayinitiative.com/advisories/ZDI-06-021.html ISS http://xforce.iss.net/xforce/alerts/id/226 CONFIRM http://www.webex.com/lp/security/ActiveAdv.html?TrackID=123456 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/439496/100/0/threaded BID 18860 |
|
| Return to the previous page. |
