Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: WebEx ActiveX buffer overflow SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
WebEx ActiveX buffer overflow

Last night, Cisco (who now owns WebEx) posted a bulletin about a buffer overflow in the WebEx Meeting Manager ActiveX control.  This one looks like it has the potential to be serious, so if you use WebEx, you are advised to read the Cisco advisory and update or set the killbit.

 

References:

http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2737 (not live yet)

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Baltimore Fall 2020

Jim

416 Posts
ISC Handler
Aug 15th 2008

Sign Up for Free or Log In to start participating in the conversation!