var-200808-0182
Vulnerability from variot
Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. WebEx Meeting Manager is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'atucfobj.dll' ActiveX control library. Failed attacks will likely cause denial-of-service conditions. 'atucfobj.dll' 20.2008.2601.4928 is vulnerable; other versions may also be affected. The vulnerable versions of the ActiveX control are hosted by WebEx meeting service servers running WBS 23, 25, and 26 prior to 26.49.9.2838. WebEx is Cisco's web conferencing solution. WebEx Meeting Manager versions earlier than 20.2008.2606.4919 have a stack overflow vulnerability. The WebexUCFObject control in Atucfobj.dll does not properly validate input parameters to the NewObject() method. ----------------------------------------------------------------------
Want a new job?
http://secunia.com/secunia_security_specialist/ http://secunia.com/hardcore_disassembler_and_reverse_engineer/
International Partner Manager - Project Sales in the IT-Security Industry: http://corporate.secunia.com/about_secunia/64/
TITLE: Webex Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow
SECUNIA ADVISORY ID: SA31397
VERIFY ADVISORY: http://secunia.com/advisories/31397/
CRITICAL: Highly critical
IMPACT: System access
WHERE:
From remote
SOFTWARE: WebEx Meeting Manager http://secunia.com/product/3003/
DESCRIPTION: Elazar Broad has discovered a vulnerability in Webex Meeting Manager, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error within the WebexUCFObject ActiveX control (atucfobj.dll) when handling arguments passed to the "NewObject()" method.
Successful exploitation allows execution of arbitrary code.
The vulnerability is confirmed in version 20.2008.2601.4928.
SOLUTION: The vendor has reportedly fixed the vulnerability in version 20.2008.2606.4919.
PROVIDED AND/OR DISCOVERED BY: Elazar Broad
ORIGINAL ADVISORY: http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/063692.html
About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200808-0182",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "webex meeting manager",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "20.2008.2601.4928"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "webex",
"version": null
},
{
"model": "webex meeting manager",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco",
"version": "26.49.9.2838"
},
{
"model": "meeting manager \u0027atucfobj.dll\u0027",
"scope": "eq",
"trust": 0.3,
"vendor": "webex",
"version": "20.2008.2601.4928"
},
{
"model": "meeting manager \u0027atucfobj.dll\u0027",
"scope": "ne",
"trust": 0.3,
"vendor": "webex",
"version": "20.2008.2606.4919"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "BID",
"id": "30578"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:cisco:webex_meeting_manager",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Elazar Broad\u203b elazarb@earthlink.net",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
}
],
"trust": 0.6
},
"cve": "CVE-2008-3558",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2008-3558",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-33683",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2008-3558",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#661827",
"trust": 0.8,
"value": "30.07"
},
{
"author": "NVD",
"id": "CVE-2008-3558",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-200808-107",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-33683",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Stack-based buffer overflow in the WebexUCFObject ActiveX control in atucfobj.dll in Cisco WebEx Meeting Manager before 20.2008.2606.4919 allows remote attackers to execute arbitrary code via a long argument to the NewObject method. WebEx Meeting Manager is prone to a stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the \u0027atucfobj.dll\u0027 ActiveX control library. Failed attacks will likely cause denial-of-service conditions. \n\u0027atucfobj.dll\u0027 20.2008.2601.4928 is vulnerable; other versions may also be affected. \nThe vulnerable versions of the ActiveX control are hosted by WebEx meeting service servers running WBS 23, 25, and 26 prior to 26.49.9.2838. WebEx is Cisco\u0027s web conferencing solution. WebEx Meeting Manager versions earlier than 20.2008.2606.4919 have a stack overflow vulnerability. The WebexUCFObject control in Atucfobj.dll does not properly validate input parameters to the NewObject() method. ----------------------------------------------------------------------\n\nWant a new job?\n\nhttp://secunia.com/secunia_security_specialist/\nhttp://secunia.com/hardcore_disassembler_and_reverse_engineer/\n\nInternational Partner Manager - Project Sales in the IT-Security\nIndustry:\nhttp://corporate.secunia.com/about_secunia/64/\n\n----------------------------------------------------------------------\n\nTITLE:\nWebex Meeting Manager WebexUCFObject ActiveX Control Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA31397\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/31397/\n\nCRITICAL:\nHighly critical\n\nIMPACT:\nSystem access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nWebEx Meeting Manager\nhttp://secunia.com/product/3003/\n\nDESCRIPTION:\nElazar Broad has discovered a vulnerability in Webex Meeting Manager,\nwhich can be exploited by malicious people to compromise a user\u0027s\nsystem. \n\nThe vulnerability is caused due to a boundary error within the\nWebexUCFObject ActiveX control (atucfobj.dll) when handling arguments\npassed to the \"NewObject()\" method. \n\nSuccessful exploitation allows execution of arbitrary code. \n\nThe vulnerability is confirmed in version 20.2008.2601.4928. \n\nSOLUTION:\nThe vendor has reportedly fixed the vulnerability in version\n20.2008.2606.4919. \n\nPROVIDED AND/OR DISCOVERED BY:\nElazar Broad\n\nORIGINAL ADVISORY:\nhttp://lists.grok.org.uk/pipermail/full-disclosure/2008-August/063692.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2008-3558"
},
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "BID",
"id": "30578"
},
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "PACKETSTORM",
"id": "68892"
}
],
"trust": 2.79
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-33683",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33683"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#661827",
"trust": 3.6
},
{
"db": "SECUNIA",
"id": "31397",
"trust": 3.4
},
{
"db": "NVD",
"id": "CVE-2008-3558",
"trust": 2.8
},
{
"db": "BID",
"id": "30578",
"trust": 2.8
},
{
"db": "EXPLOIT-DB",
"id": "6220",
"trust": 1.7
},
{
"db": "VUPEN",
"id": "ADV-2008-2319",
"trust": 1.7
},
{
"db": "SECTRACK",
"id": "1020641",
"trust": 1.7
},
{
"db": "XF",
"id": "44250",
"trust": 1.4
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516",
"trust": 0.8
},
{
"db": "CISCO",
"id": "20080814 VULNERABILITY IN CISCO WEBEX MEETING MANAGER ACTIVEX CONTROL",
"trust": 0.6
},
{
"db": "MILW0RM",
"id": "6220",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20080806 WEBEX ATUCFOBJ MODULE ACTIVEX CONTROL BUFFER OVERFLOW VULNERABILITY",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107",
"trust": 0.6
},
{
"db": "EXPLOIT-DB",
"id": "16604",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-71118",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86895",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-33683",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "68892",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "BID",
"id": "30578"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "PACKETSTORM",
"id": "68892"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"id": "VAR-200808-0182",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-33683"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:09:34.478000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "cisco-sa-20080814-webex",
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.kb.cert.org/vuls/id/661827"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/30578"
},
{
"trust": 2.5,
"url": "http://secunia.com/advisories/31397"
},
{
"trust": 1.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/063692.html"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00809e2006.shtml"
},
{
"trust": 1.7,
"url": "http://www.securitytracker.com/id?1020641"
},
{
"trust": 1.4,
"url": "http://xforce.iss.net/xforce/xfdb/44250"
},
{
"trust": 1.1,
"url": "https://www.exploit-db.com/exploits/6220"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2008/2319"
},
{
"trust": 1.1,
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44250"
},
{
"trust": 0.9,
"url": "http://secunia.com/advisories/31397/"
},
{
"trust": 0.8,
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml"
},
{
"trust": 0.8,
"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2008-august/063692.html "
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3558"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2008-3558"
},
{
"trust": 0.6,
"url": "http://www.milw0rm.com/exploits/6220"
},
{
"trust": 0.6,
"url": "http://www.frsirt.com/english/advisories/2008/2319"
},
{
"trust": 0.3,
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2008-08/0084.html"
},
{
"trust": 0.3,
"url": "http://support.webex.com/support/downloads.html"
},
{
"trust": 0.3,
"url": "http://support.microsoft.com/kb/240797"
},
{
"trust": 0.3,
"url": "http://www.webex.com/"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_advisories/"
},
{
"trust": 0.1,
"url": "http://secunia.com/hardcore_disassembler_and_reverse_engineer/"
},
{
"trust": 0.1,
"url": "http://secunia.com/product/3003/"
},
{
"trust": 0.1,
"url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
},
{
"trust": 0.1,
"url": "http://secunia.com/secunia_security_specialist/"
},
{
"trust": 0.1,
"url": "http://corporate.secunia.com/about_secunia/64/"
},
{
"trust": 0.1,
"url": "http://secunia.com/about_secunia_advisories/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "BID",
"id": "30578"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "PACKETSTORM",
"id": "68892"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#661827"
},
{
"db": "VULHUB",
"id": "VHN-33683"
},
{
"db": "BID",
"id": "30578"
},
{
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"db": "PACKETSTORM",
"id": "68892"
},
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-15T00:00:00",
"db": "CERT/CC",
"id": "VU#661827"
},
{
"date": "2008-08-08T00:00:00",
"db": "VULHUB",
"id": "VHN-33683"
},
{
"date": "2008-08-06T00:00:00",
"db": "BID",
"id": "30578"
},
{
"date": "2011-06-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"date": "2008-08-08T18:43:59",
"db": "PACKETSTORM",
"id": "68892"
},
{
"date": "2008-08-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"date": "2008-08-08T19:41:00",
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-08-15T00:00:00",
"db": "CERT/CC",
"id": "VU#661827"
},
{
"date": "2017-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-33683"
},
{
"date": "2010-03-05T05:41:00",
"db": "BID",
"id": "30578"
},
{
"date": "2011-06-08T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2008-002516"
},
{
"date": "2009-03-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200808-107"
},
{
"date": "2024-11-21T00:49:32.270000",
"db": "NVD",
"id": "CVE-2008-3558"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco WebEx Meeting Manager WebexUCFObject ActiveX Control stack buffer overflow",
"sources": [
{
"db": "CERT/CC",
"id": "VU#661827"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200808-107"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…