2 matches found
CVE-2008-0533
Cisco Secure Access Control Server (ACS) for Windows UCP CSUserCGI.exe contains multiple remote-preauth vulnerabilities, including cross-site scripting (XSS) via arguments after the Help parameter and a buffer overflow in the Logout path, affecting UCP before version 4.2. Exploitation could allow...
CVE-2008-0532
CVE-2008-0532 describes a vulnerability in Cisco Secure Access Control Server (ACS) UCP, where multiple buffer overflows in CSuserCGI.exe allow remote code execution. An attacker can exploit a long argument following the Logout parameter to inject and run arbitrary code on affected systems. Affec...