CVE-2012-0358

CVE-2012-0358 affects Cisco ASA 5500 Series devices' Clientless VPN with the Cisco Port Forwarder ActiveX control (cscopf.ocx). The root cause is a buffer overflow in initialization parameters, enabling remote code execution. Affected software versions include ASA 7.0–7.2 (before 7.2(5.6)), 8.0 (...

Cisco AnyConnect Clientless SSL VPN Portforwarder ActiveX control buffer overflow

Overview The Cisco AnyConnect ActiveX control contains a buffer overflow vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Cisco AnyConnect is an SSL VPN solution that is commonly initiated through use of a web browser...