Body Background
TrendAI™ Zero Day Initiative™ Logo

WebEx Downloader Plug-in Code Execution Vulnerability

July 6th, 2006
ZDI-06-021 ZDI-CAN-034

CVE ID

CVE-2006-3423

CVSS Score

None None

Affected Vendors

WebEx Communications Inc.

Affected Products

Web Conference ActiveX Control

Vulnerability Details

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of the WebEx Downloader Plug-in. Successful exploitation requires that the target user browse to a malicious web page.

The specific flaws exists due to the lack of input validation on various ActiveX/Java control parameters and configuration directives. The "GpcUrlRoot" and "GpcIniFileName" ActiveX/Java control parameters allow an attacker to specify the location of a configuration file containing further control directives. This allows an attacker to transfer arbitrary files and executables to the target. The attacker can then leverage available configuration directives to execute the newly created executables thereby compromising the underlying system.

Additional Details

WebEx Communications Inc. has issued an update to correct this vulnerability. More details can be found at:
http://www.webex.com/lp/security/ActiveAdv.html?TrackID=123456

Disclosure Timeline

  • 2006-04-11 - Vulnerability reported to vendor
  • 2006-07-06 - Coordinated public release of advisory

Credit

Anonymous

Back to Advisories

Hero Background

Stand at the front line of proactive security

Trend ZDI connects the experts who discover, remediate, and defend.
Add your voice to the work that pushes attackers back.

RESEARCHERS

Submit a vulnerability

VENDORS

Learn how it works

ORGANIZATIONS

See how you're protected