Vulnerability in WebEx ActiveX control

By

A new buffer overflow vulnerability was discovered in an Active X Control used by Cisco WebEx Meeting Manager, which may result in a denial of service or remote code execution, according to SecuObs.

Cisco has not posed a security advisory about this, but this is not the first Active X vulnerability in WebEx.

Vulnerability in WebEx ActiveX control

In general, vulnerabilities in ActiveX -- beyond those just affecting Cisco products -- are gaining steam as a top attack vector due to the ease of exploitation, according to Umesh Wanve, research engineer at cloud Security as a Service (SaaS) vendor Zscaler. Over the past few years, there have been numerous buffer overflow and file overwrite vulnerabilities discovered in in ActiveX controls, many with working exploits, Wanve wrote on the Zscaler research blog

“These are very easy to exploit as there is a great deal of information available including vulnerability details, proof-of-concept exploits, etc. freely available on the Internet,” Wanve said.

ActiveX controls have various properties and methods, which can be exploited if they're improperly coded, Wanve said.

“If someone were to find a vulnerable property or method in an ActiveX control, it is not be difficult to create a working exploit and host it on a web server,” Wanve said. “If the vulnerable control is marked ‘safe for scripting' it can then be remotely called and exploited by a malicious web site.”

In August 2008, a similar vulnerability was discovered in WebEx. Cisco's security advisory said a buffer overflow vulnerability was present in an ActiveX control used by the WebEx Meeting Manager. The flaw could have allowed an attacker to execute arbitrary code if a user browsed to a web-site that contained the malicious content. The vulnerability could have also been exploited through HTML embedded in e-mail messages or that is delivered via instant messaging applications.

Last month, a free open-source tool to detect ActiveX vulnerabilities was released by the CERT Coordination Center at the Carnegie Mellon Software Engineering Institute in Pittsburgh. Dubbed Dranzer, the tool was tested on 22,000 ActiveX controls produced by more than 5,000 organizations. Dranzer is designed for use during the quality assurance phase of software creation and can help prevent flaws, such as buffer overflows, from being shipped in software to the public.

See original article on scmagazineus.com

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © SC Magazine, US edition
Tags:
activexbuffercontrolflawoverflowsecurityvulnerabilitywebex

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

India's alarm over Chinese spying rocks CCTV makers

India's alarm over Chinese spying rocks CCTV makers
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Cyber companies hope to untangle weird hacker codenames

Cyber companies hope to untangle weird hacker codenames
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?