CVE-2014-3399

2014-10-07T06:55:04
ID CVE-2014-3399
Type cve
Reporter NVD
Modified 2014-10-07T21:55:08

Description

The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 9.2(.2.4) and earlier does not properly manage session information during creation of a SharePoint handler, which allows remote authenticated users to overwrite arbitrary RAMFS cache files or inject Lua programs, and consequently cause a denial of service (portal outage or system reload), via crafted HTTP requests, aka Bug ID CSCup54208.