Lucene search
K

6 matches found

CVE
CVE
added 2010/02/03 6:0 p.m.73 views

CVE-2010-0440

The CVE-2010-0440 issue is a Cross-Site Scripting (XSS) vulnerability in Cisco Secure Desktop (CSCOT) translation path. Affects Cisco Secure Desktop 3.4.2048 and earlier than 3.5, and is also implicated in Cisco ASA appliances running before 8.2(1), 8.1(2.7), and 8.0(5). The root cause is imprope...

4.3CVSS5.6AI score0.04364EPSS
Web
CVE
CVE
added 2006/10/18 7:0 p.m.59 views

CVE-2006-5394

The CVE-2006-5394 issue affects Cisco Secure Desktop (CSD) where the default configuration leaves the "Disable printing" option unchecked in Secure Desktop Settings. This could allow local users to read data sent to a printer during another user’s SSL VPN session. The vulnerability originates fro...

2.1CVSS6.2AI score0.00315EPSS
CVE
CVE
added 2011/02/25 5:0 p.m.55 views

CVE-2011-0926

Cisco Secure Desktop (CSD) 3.x is affected by CVE-2011-0926 due to the CSDWebInstaller.ocx ActiveX control not properly validating the signature of a downloaded program during installation, enabling remote code execution by spoofing the CSD installation process. Exploitation details are described...

9.3CVSS7.4AI score0.06812EPSS
CVE
CVE
added 2006/10/18 7:0 p.m.51 views

CVE-2006-5393

Cisco Secure Desktop (CSD) is affected by CVE-2006-5393 due to the ClearPageFileAtShutdown (CCE-Winv2.0-407) registry value not being required to equal 1. The result is a local disclosure risk where a local user could read memory pages written during another user’s SSL VPN session. Affected softw...

5.5CVSS6.2AI score0.00296EPSS
CVE
CVE
added 2011/02/28 3:0 p.m.49 views

CVE-2011-0925

Cisco Secure Desktop (CSD) 3.x contains an ActiveX flaw in CSDWebInstaller.ocx (CSDWebInstallerCtrl) that allows remote code execution. The vulnerability stems from a lack of validation of executables downloaded by the CSDWebInstaller Web control, enabling an attacker to corrupt a downloaded prog...

9.3CVSS6.6AI score0.03285EPSS
CVE
CVE
added 2010/10/12 9:0 p.m.44 views

CVE-2009-5008

Cisco Secure Desktop (CSD) together with an AnyConnect SSL VPN server is affected by CVE-2009-5008, where the component does not perform verification correctly, enabling local users to bypass policy restrictions via a modified executable file. Reports across multiple sources (NVD/Red Hat/CVE entr...

2.1CVSS6.4AI score0.00353EPSS