WebEx.ActiveX.Code.Execution
Description
This indicates a vulnerability in the WebEx ActiveX Control, which can be exploited by remote attackers to take complete control of an affected system.
The flaw is due to input validation errors when handling the "GpcUrlRoot" and "GpcIniFileName" parameters. It can be exploited by remote attackers to download and execute malicious components by tricking a user into visiting a specially crafted web page.
Affected Products
WebEx ActiveX Control versions prior to 2.1.0.0
Impact
System compromise.
Recommended Actions
Upgrade to version 2.1.0.0 :
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |