EUVD-2017-15390

Malware in sbrugna...

Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and oth...

CVE-2020-3153

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths...

CVE-2020-3153 Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths...

CVE-2020-3153 Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths...

CVE-2017-6329

Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, the...

Code injection

Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, the...

CVE-2017-6329

Symantec VIP Access for Desktop prior to 2.2.4 can be susceptible to a DLL Pre-Loading vulnerability. These types of issues occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, the...

CVE-2017-6329

Symantec VIP Access for Desktop (before version 2.2.4) is affected by a DLL Pre-Loading vulnerability. The issue occurs when the application loads a DLL and an attacker supplies a malicious DLL, following the DLL search order to load it. This can allow writing to a file and potentially executing ...

Symantec VIP Access DLL Pre-Loading

SUMMARY Symantec has released an update to address an issue that was discovered in Symantec Validation & Identification Protection VIP Access for Desktop. AFFECTED PRODUCTS Symantec VIP Access --- CVE | Affected Versions | Remediation CVE-2017-6329 | Prior to 2.2.4 | Upgrade to 2.2.4 ISSUES...

Mail.ru: [FG-VD-17-115] Mail.ru's Amigo Browser DLL Pre-Loading Vulnerability Notification

Amigo browser installer before version 2.0.0.257 was vulnerable to DLL planting vulnerability. Amigo browser is not currently in the scope of the Mail.Ru Bug Bounty program...