Cisco WebEx Extension 'magic URL' Remote Command Execution Vulnerability

Cisco WebEx Extension is prone to a remote command-execution vulnerability because it fails to properly sanitize user-supplied input.

Successful exploit allows an attacker to execute arbitrary commands with user privileges in context of the affected application.

This issue is being tracked by Cisco Bug IDs CSCvc86959 and CSCvc88194.


Privacy Statement
Copyright 2010, SecurityFocus