WebEx Downloader ActiveX Control Command Injection
High Nessus Plugin ID 22047
SynopsisThe remote Windows host has an ActiveX control that allows for arbitrary code execution.
DescriptionThe Windows remote host contains the WebEx Downloader ActiveX control, which is used when attending or hosting a meeting using WebEx, a sharing and conferencing application for Windows.
The version of this ActiveX control on the remote host reportedly allows an attacker to deliver arbitrary components to the affected host, which could later be executed subject to the privileges of the current user.
SolutionUpgrade to WebEx Downloader plugin 184.108.40.206 or later.