WebEx Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow
High Nessus Plugin ID 33859
Synopsis
The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.
Description
The atucfobj module of the WebexUCFObject ActiveX control, used by WebEx Meeting Manager and installed on the remote host, reportedly contains a stack-based buffer overflow in its 'NewObject()' method.
If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this method could be used to execute arbitrary code on the affected system, subject to the user's privileges.
Solution
One solution is to confirm that the WebEx Meeting Service is running a fixed version of the software based on the instructions in Cisco's advisory, join a meeting or manually update the Meeting Manager client, and ensure that version 20.2008.2606.4919 of the control itself is installed.
Another is to remove the software as described in Cisco's advisory.
A third is to set the control's kill bit, again, as described in Cisco's advisory.
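To verify a host after remediation, the following added PowerShell example (not part of the plugin or of Cisco's advisory) reads the registered control's file version, compares it with 20.2008.2606.4919, and checks whether the kill bit is set. The CLSID is a placeholder to be replaced with the value from Cisco's advisory; the registry locations are the standard Windows ones for COM registration and Internet Explorer ActiveX compatibility flags.

```powershell
# Placeholder: substitute the control's CLSID from Cisco's advisory (this page does not list it).
$Clsid        = '{00000000-0000-0000-0000-000000000000}'
$FixedVersion = [version]'20.2008.2606.4919'   # fixed control version named in the Solution
$KillBitFlag  = 0x400                          # kill-bit value of "Compatibility Flags"

# 32-bit controls on 64-bit Windows register under Wow6432Node, so check both views.
# HKEY_CLASSES_ROOT merges machine-wide and current-user COM registrations.
$views = @(
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\CLSID'
       Compat = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility' },
    @{ Clsid  = 'Registry::HKEY_CLASSES_ROOT\Wow6432Node\CLSID'
       Compat = 'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility' }
)

$results = foreach ($v in $views) {
    $reg = Get-ItemProperty -LiteralPath "$($v.Clsid)\$Clsid\InprocServer32" -ErrorAction SilentlyContinue
    if (-not $reg) { continue }                # control not registered in this view

    # The default value of InprocServer32 is the path of the DLL that implements the control.
    $dll = [Environment]::ExpandEnvironmentVariables([string]$reg.'(default)').Trim('"')
    $ver = $null
    if ($dll -and (Test-Path -LiteralPath $dll)) {
        # Build the version from numeric parts; the FileVersion string may use commas.
        $vi  = (Get-Item -LiteralPath $dll).VersionInfo
        $ver = New-Object Version $vi.FileMajorPart, $vi.FileMinorPart, $vi.FileBuildPart, $vi.FilePrivatePart
    }

    $flags  = (Get-ItemProperty -LiteralPath "$($v.Compat)\$Clsid" -ErrorAction SilentlyContinue).'Compatibility Flags'
    $killed = ($null -ne $flags) -and (($flags -band $KillBitFlag) -eq $KillBitFlag)

    [pscustomobject]@{
        Dll         = $dll
        Version     = $ver
        KillBitSet  = $killed
        # An unreadable version is reported for review rather than assumed fixed.
        NeedsAction = (-not $killed) -and ($null -eq $ver -or $ver -lt $FixedVersion)
    }
}

if ($results) { $results | Format-List }
else { 'Control is not registered for this user or machine.' }
```

Run it in the context of the user who uses WebEx, since per-user registrations are only visible to that account.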