← Volver a CVEs
CVE-2012-4655
N/ADescripcion
The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado9/24/2012
Ultima modificacion4/29/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
cisco:secure_desktop
Debilidades (CWE)
CWE-20
Referencias
http://secunia.com/advisories/50669(psirt@cisco.com)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac(psirt@cisco.com)
http://www.securityfocus.com/bid/55606(psirt@cisco.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78677(psirt@cisco.com)
http://secunia.com/advisories/50669(af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/55606(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78677(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.