Cisco WebEx Extension 'magic URL' Remote Command Execution Vulnerability

Bugtraq ID: 95737
Class: Input Validation Error
CVE: CVE-2017-3823
Remote: Yes
Local: No
Published: Jan 24 2017 12:00AM
Updated: Feb 02 2017 01:03AM
Credit: Tavis Ormandy.
Vulnerable: Mozilla ActiveTouch General Plugin Container 0
Microsoft WebEx Internet Explorer GpcContainer ActiveX 0
Google WebEx Extension for Chrome 0
Cisco Cisco WebEx Extension 1.0.5
Cisco Cisco WebEx Extension 1.0.3
Cisco Cisco WebEx Extension 1.0.2
Not Vulnerable: Mozilla ActiveTouch General Plugin Container 106
Microsoft WebEx Internet Explorer GpcContainer ActiveX 10031.6.2017.0127
Google WebEx Extension for Chrome 1.0.7


 

Privacy Statement
Copyright 2010, SecurityFocus