Lucene search

[email protected]NVD:CVE-2013-5559

HistoryNov 04, 2013 - 4:55 p.m.

CVE-2013-5559

2013-11-0416:55:05

CWE-119

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.833 High

EPSS

Percentile

98.5%

JSON

Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

Affected configurations

NVD

Node

ciscoanyconnect_secure_mobility_clientMatch2.0

ciscoanyconnect_secure_mobility_clientMatch2.1

ciscoanyconnect_secure_mobility_clientMatch2.2

ciscoanyconnect_secure_mobility_clientMatch2.2.128

ciscoanyconnect_secure_mobility_clientMatch2.2.133

ciscoanyconnect_secure_mobility_clientMatch2.2.136

ciscoanyconnect_secure_mobility_clientMatch2.2.140

ciscoanyconnect_secure_mobility_clientMatch2.3

ciscoanyconnect_secure_mobility_clientMatch2.3.185

ciscoanyconnect_secure_mobility_clientMatch2.3.254

ciscoanyconnect_secure_mobility_clientMatch2.3.2016

ciscoanyconnect_secure_mobility_clientMatch2.4

ciscoanyconnect_secure_mobility_clientMatch2.4symbian_os

ciscoanyconnect_secure_mobility_clientMatch2.4.0202

ciscoanyconnect_secure_mobility_clientMatch2.4.1012

ciscoanyconnect_secure_mobility_clientMatch2.4.4004iphone_os

ciscoanyconnect_secure_mobility_clientMatch2.4.4014iphone_os

ciscoanyconnect_secure_mobility_clientMatch2.4.5004symbian_os

ciscoanyconnect_secure_mobility_clientMatch2.4.7030android

ciscoanyconnect_secure_mobility_clientMatch2.4.7073android

ciscoanyconnect_secure_mobility_clientMatch2.5

ciscoanyconnect_secure_mobility_clientMatch2.5.0217

ciscoanyconnect_secure_mobility_clientMatch2.5.1025

ciscoanyconnect_secure_mobility_clientMatch2.5.2001

ciscoanyconnect_secure_mobility_clientMatch2.5.2006

ciscoanyconnect_secure_mobility_clientMatch2.5.2010

ciscoanyconnect_secure_mobility_clientMatch2.5.2011

ciscoanyconnect_secure_mobility_clientMatch2.5.2014

ciscoanyconnect_secure_mobility_clientMatch2.5.2017

ciscoanyconnect_secure_mobility_clientMatch2.5.2018

ciscoanyconnect_secure_mobility_clientMatch2.5.2019

ciscoanyconnect_secure_mobility_clientMatch2.5.3041

ciscoanyconnect_secure_mobility_clientMatch2.5.3046

ciscoanyconnect_secure_mobility_clientMatch2.5.3051

ciscoanyconnect_secure_mobility_clientMatch2.5.3054

ciscoanyconnect_secure_mobility_clientMatch2.5.3055

ciscoanyconnect_secure_mobility_clientMatch2.5.5112iphone_os

ciscoanyconnect_secure_mobility_clientMatch2.5.5116android

ciscoanyconnect_secure_mobility_clientMatch2.5.5118android

ciscoanyconnect_secure_mobility_clientMatch2.5.5125android

ciscoanyconnect_secure_mobility_clientMatch2.5.5130iphone_os

ciscoanyconnect_secure_mobility_clientMatch2.5.5131android

ciscoanyconnect_secure_mobility_clientMatch2.5.6005

References

tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5559

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.833 High

EPSS

Percentile

98.5%

JSON

Related for NVD:CVE-2013-5559

cvelist1 nessus2 cisco1 prion1 cve1