CVE-2006-3423

N/A Unknown

Published: July 07, 2006 Modified: April 16, 2026

Description

WebEx Downloader ActiveX Control and WebEx Downloader Java before 2.1.0.0 do not validate downloaded components, which allows remote attackers to execute arbitrary code via a website that activates the GpcUrlRoot and GpcIniFileName ActiveX controls to cause the client to download a DLL file.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/20956

Source: cve@mitre.org

Patch Vendor Advisory

http://securitytracker.com/id?1016446

Source: cve@mitre.org

http://www.osvdb.org/27039

Source: cve@mitre.org

http://www.osvdb.org/27040

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/439496/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18860

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/2688

Source: cve@mitre.org

Vendor Advisory

http://www.webex.com/lp/security/ActiveAdv.html?TrackID=123456

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-06-021.html

Source: cve@mitre.org

Vendor Advisory

http://xforce.iss.net/xforce/alerts/id/226

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/24370

Source: cve@mitre.org

http://secunia.com/advisories/20956

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://securitytracker.com/id?1016446

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/27039

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.osvdb.org/27040

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/439496/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/18860

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/2688

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.webex.com/lp/security/ActiveAdv.html?TrackID=123456

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-06-021.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://xforce.iss.net/xforce/alerts/id/226

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/24370

Source: af854a3a-2127-422b-91ae-364da2661108

22 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

13.1%

94th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

webex_communications

Related CVEs

CVE-2026-41907 N/A

CVE-2026-41894 N/A

CVE-2026-41492 9.8

CVE-2026-41421 8.8

CVE-2026-41419 7.6