The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) prior to 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote malicious users to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco secure desktop 3.1.1 |
||
cisco secure desktop 3.2 |
||
cisco secure desktop |
||
cisco secure desktop 3.1.1.27 |
||
cisco secure desktop 3.4 |
||
cisco secure desktop 3.4.1 |
||
cisco secure desktop 3.1.1.33 |
||
cisco secure desktop 3.1 |
||
cisco secure desktop 3.4.2 |
||
cisco secure desktop 3.4.2048 |
||
cisco secure desktop 3.2.1 |
||
cisco secure desktop 3.3 |