2 matches found
CVE-2011-0925
Cisco Secure Desktop (CSD) 3.x contains an ActiveX flaw in CSDWebInstaller.ocx (CSDWebInstallerCtrl) that allows remote code execution. The vulnerability stems from a lack of validation of executables downloaded by the CSDWebInstaller Web control, enabling an attacker to corrupt a downloaded prog...
CVE-2011-0925
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop CSD allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program ...