Lucene search
CiscoCVELIST:CVE-2012-2493HistoryJun 20, 2012 - 8:00 p.m.
CVE-2012-2493
2012-06-2020:00:00
cisco
www.cve.org
4
cisco anyconnect
vpn downloader
validate binaries
remote code execution
windows
mac os x
linux
activex
java components
bug id csctw47523
The VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 2.x before 2.5 MR6 on Windows, and 2.x before 2.5 MR6 and 3.x before 3.0 MR8 on Mac OS X and Linux, does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug ID CSCtw47523.
Related
zdi
zdi
cve
cve
CVE-2012-2493
2012-06-20 20:55:02
nessus
nessus
Cisco AnyConnect Secure Mobility Client VPN Downloader RCE (cisco-sa-20120620-ac)
2012-07-02 00:00:00
MacOSX Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities
2012-07-02 00:00:00
MS 2736233: Update Rollup for ActiveX Kill Bits (2736233)
2012-09-11 00:00:00
prion
prion
Code injection
2012-06-20 20:55:00
nvd
nvd
CVE-2012-2493
2012-06-20 20:55:02
securityvulns
securityvulns
openvas
openvas
Cisco Products ActiveX Control Multiple Vulnerabilities
2012-09-12 00:00:00
Cisco Products ActiveX Control Multiple Vulnerabilities
2012-09-12 00:00:00
cisco
cisco
Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client
2012-06-20 16:00:00