WebEx.ActiveX.Code.Execution

description-logoDescription

This indicates a vulnerability in the WebEx ActiveX Control, which can be exploited by remote attackers to take complete control of an affected system.
The flaw is due to input validation errors when handling the "GpcUrlRoot" and "GpcIniFileName" parameters. It can be exploited by remote attackers to download and execute malicious components by tricking a user into visiting a specially crafted web page.

affected-products-logoAffected Products

WebEx ActiveX Control versions prior to 2.1.0.0

Impact logoImpact

System compromise.

recomended-action-logoRecommended Actions

Upgrade to version 2.1.0.0 :

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)