Webex Meeting Manager ActiveX Control Vulnerability

Cisco has released a Security Advisory to address a vulnerability that affects Cisco Webex Meeting Manager. This vulnerability is due to a buffer overflow condition in the "NewObject()" method within the WebexUCFObject ActiveX control (atucfobj.dll). By convincing a user to visit a specially crafted web page, open an e-mail message that contains embedded malicious HTML code, or by sending malicious HTML code via instant messaging applications, a remote attacker may be able to execute arbitrary code.

US-CERT encourages users to review Cisco Security Advisory 107751 and apply any necessary updates or workarounds listed in the document. Additional information about this vulnerability can be found in the Vulnerability Notes Database.

Read more: US-CERT Current Activity