The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: cisco
Published: 2012-09-24T17:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2012-08-24T00:00:00
Link: CVE-2012-4655
JSON object: View
NVD Information
Status : Modified
Published: 2012-09-24T17:55:07.157
Modified: 2017-08-29T01:32:20.557
Link: CVE-2012-4655
JSON object: View
Redhat Information
No data.
CWE