WebEx Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow

High Nessus Plugin ID 33859


The remote Windows host has an ActiveX control that is affected by a buffer overflow vulnerability.


The atucfobj module of the WebexUCFObject ActiveX control, used by WebEx Meeting Manager and installed on the remote host, reportedly contains a stack-based buffer overflow in its 'NewObject()' method.
If an attacker can trick a user on the affected host into viewing a specially crafted HTML document, this method could be used to execute arbitrary code on the affected system, subject to the user's privileges.


One solution is to confirm that the WebEx Meeting Service is running a fixed version of the software based on the instructions in Cisco's advisory, join a meeting or manually update the Meeting Manager client, and ensure that version 20.2008.2606.4919 of the control itself is installed.

Another is to remove the software as described in Cisco's advisory.

A third is to set the control's kill bit, also as described in Cisco's advisory.

Plugin Details

Severity: High

ID: 33859

File Name: webex_atucfobj_bof.nasl

Version: $Revision: 1.18 $

Type: local

Agent: windows

Family: Windows

Published: 2008/08/11

Modified: 2016/11/03

Dependencies: 13855

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: SMB/Registry/Enumerated

Exploit Available: true

Exploit Ease: Exploits are available

Exploitable With

CANVAS (D2ExploitPack)

Metasploit (WebEx UCF atucfobj.dll ActiveX NewObject Method Buffer Overflow)

Reference Information

CVE: CVE-2008-3558

BID: 30578

OSVDB: 47344

Secunia: 31397

CWE: 119