Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2012-0358
HistoryMar 15, 2012 - 12:55 a.m.

CVE-2012-0358

2012-03-1500:55:01
CWE-119
[email protected]
web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

JSON

Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165.

Affected configurations

NVD
Node
ciscoadaptive_security_appliance_softwareMatch7.0
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(0\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(1\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(4\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(5\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(5.2\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(6\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(6.7\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(7\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0\(8\)
OR
ciscoadaptive_security_appliance_softwareMatch7.0.1
OR
ciscoadaptive_security_appliance_softwareMatch7.0.1.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.2
OR
ciscoadaptive_security_appliance_softwareMatch7.0.4
OR
ciscoadaptive_security_appliance_softwareMatch7.0.4.3
OR
ciscoadaptive_security_appliance_softwareMatch7.0.5
OR
ciscoadaptive_security_appliance_softwareMatch7.0.6
OR
ciscoadaptive_security_appliance_softwareMatch7.0.7
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8
OR
ciscoadaptive_security_appliance_softwareMatch7.0.8interim
OR
ciscoadaptive_security_appliance_softwareMatch7.1
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(2.5\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(2.27\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(2.48\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(2.49\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1\(5\)
OR
ciscoadaptive_security_appliance_softwareMatch7.1.1
OR
ciscoadaptive_security_appliance_softwareMatch7.1.2
OR
ciscoadaptive_security_appliance_softwareMatch7.2
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(1\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(1.22\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.5\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.7\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.8\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.10\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.14\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.15\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.16\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.17\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.18\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.19\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(2.48\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(3\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(4\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2\(5\)
OR
ciscoadaptive_security_appliance_softwareMatch7.2.1
OR
ciscoadaptive_security_appliance_softwareMatch7.2.2
OR
ciscoadaptive_security_appliance_softwareMatch7.2.3
OR
ciscoadaptive_security_appliance_softwareMatch7.2.4
OR
ciscoadaptive_security_appliance_softwareMatch7.2.5
OR
ciscoadaptive_security_appliance_softwareMatch8.0
OR
ciscoadaptive_security_appliance_softwareMatch8.0\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch8.0\(3\)
OR
ciscoadaptive_security_appliance_softwareMatch8.0\(4\)
OR
ciscoadaptive_security_appliance_softwareMatch8.0\(5\)
OR
ciscoadaptive_security_appliance_softwareMatch8.0.2
OR
ciscoadaptive_security_appliance_softwareMatch8.0.3
OR
ciscoadaptive_security_appliance_softwareMatch8.0.4
OR
ciscoadaptive_security_appliance_softwareMatch8.0.5
OR
ciscoadaptive_security_appliance_softwareMatch8.1
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(1\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(3\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(3.9\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(4\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(4.1\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(4.4\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2\(5\)
OR
ciscoadaptive_security_appliance_softwareMatch8.2.1
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2
OR
ciscoadaptive_security_appliance_softwareMatch8.2.2interim
OR
ciscoadaptive_security_appliance_softwareMatch8.2.3
OR
ciscoadaptive_security_appliance_softwareMatch8.3\(1\)
OR
ciscoadaptive_security_appliance_softwareMatch8.3\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1
OR
ciscoadaptive_security_appliance_softwareMatch8.3.1interim
OR
ciscoadaptive_security_appliance_softwareMatch8.3.2
OR
ciscoadaptive_security_appliance_softwareMatch8.4
OR
ciscoadaptive_security_appliance_softwareMatch8.4\(1\)
OR
ciscoadaptive_security_appliance_softwareMatch8.4\(1.11\)
OR
ciscoadaptive_security_appliance_softwareMatch8.4\(2\)
OR
ciscoadaptive_security_appliance_softwareMatch8.4\(2.11\)
OR
ciscoadaptive_security_appliance_softwareMatch8.5
OR
ciscoadaptive_security_appliance_softwareMatch8.6
OR
ciscoadaptive_security_appliance_softwareMatch8.6\(1\)
AND
cisco5500_series_adaptive_security_appliance

Related

nessus 2
cisa 1
cisco 1
cve 1
cert 1
securityvulns 2
prion 1
openvas 1
cvelist 1
nessus
nessus
MS 2695962: Update Rollup for ActiveX Kill Bits (2695962)
2012-05-09 00:00:00
Cisco AnyConnect Portforwarder ActiveX Control Initialization Parameter Parsing Buffer Overflow
2012-03-28 00:00:00
cisa
cisa
Cisco Releases Multiple Security Advisories
2012-03-14 00:00:00
cisco
cisco
Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability
2012-03-14 16:00:00
cve
cve
CVE-2012-0358
2012-03-15 00:55:01
cert
cert
Cisco AnyConnect Clientless SSL VPN Portforwarder ActiveX control buffer overflow
2012-03-14 00:00:00
securityvulns
securityvulns
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability
2012-03-18 00:00:00
Cisco ASA / Cisco FSM multiple security vulnerabilities
2012-03-18 00:00:00
prion
prion
Buffer overflow
2012-03-15 00:55:00
openvas
openvas
Microsoft VPN ActiveX Control Remote Code Execution Vulnerability (2695962)
2012-05-10 00:00:00
cvelist
cvelist
CVE-2012-0358
2012-03-15 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.026 Low

EPSS

Percentile

90.4%

JSON
Related for NVD:CVE-2012-0358
nessus2cisa1cisco1cve1cert1securityvulns2prion1openvas1cvelist1