Lucene search

K

6 matches found

CVE
CVE
added 2010/02/03 6:30 p.m.57 views

CVE-2010-0440

Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions before 3.5; as used in Cisco ASA appliance before 8.2(1), 8.1(2.7), and 8.0(5); allows remote attackers to inject arbitrary web script or HTML via a crafted POST parameter, which is ...

4.3CVSS5.6AI score0.39315EPSS
Web
CVE
CVE
added 2006/10/18 7:7 p.m.48 views

CVE-2006-5394

The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session.

2.1CVSS6.2AI score0.00079EPSS
CVE
CVE
added 2011/02/25 6:0 p.m.44 views

CVE-2011-0926

A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.

9.3CVSS7.4AI score0.04521EPSS
CVE
CVE
added 2006/10/18 7:7 p.m.39 views

CVE-2006-5393

Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session.

5.5CVSS6.2AI score0.00068EPSS
CVE
CVE
added 2011/02/28 4:0 p.m.36 views

CVE-2011-0925

The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program ...

9.3CVSS6.6AI score0.04521EPSS
CVE
CVE
added 2010/10/14 5:52 a.m.31 views

CVE-2009-5008

Cisco Secure Desktop (CSD), when used in conjunction with an AnyConnect SSL VPN server, does not properly perform verification, which allows local users to bypass intended policy restrictions via a modified executable file.

2.1CVSS6.4AI score0.00063EPSS