← Voltar para CVEs
CVE-2012-4655
N/ADescricao
The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado9/24/2012
Ultima modificacao4/29/2026
Fontenvd
Avistamentos honeypot0
Produtos afetados
cisco:secure_desktop
Fraquezas (CWE)
CWE-20
Referencias
http://secunia.com/advisories/50669(psirt@cisco.com)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac(psirt@cisco.com)
http://www.securityfocus.com/bid/55606(psirt@cisco.com)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78677(psirt@cisco.com)
http://secunia.com/advisories/50669(af854a3a-2127-422b-91ae-364da2661108)
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/55606(af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/78677(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.