CVE-2011-2039 in AnyConnect Secure Mobility Clientinformazioni

Riassunto

di MITRE

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a certain ActiveX control in vpnweb.ocx, aka Bug ID CSCsy00904.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

10/05/2011

Divulgazione

02/06/2011

Moderazione

accettato

Voce

VDB-57564

CPE

pronto

CWE

CWE-20 (confermato)

Sfruttamento

Scaricare

CVSS

7.6 (NVD)

EPSS

0.69959

KEV

Attività

molto basso

Settore

Government, Telecommunication, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-2039
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-2039
CVE Details	https://www.cvedetails.com/cve/CVE-2011-2039/

◂ Precedente Visione D'ensemble Il prossimo ▸

Might our Artificial Intelligence support you?

Check our Alexa App!