CVE-2006-3423

CVE-2006-3423 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file.

Learn more about our Web Application Penetration Testing UK.