Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 20/06/2012 Updated: 24/08/2012

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x prior to 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote malicious users to execute arbitrary code via a crafted web site, aka Bug ID CSCty45925.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco anyconnect secure mobility client 3.0

The Cisco AnyConnect Secure Mobility Client is affected by the following vulnerabilities: Cisco AnyConnect Secure Mobility Client VPN Downloader Arbitrary Code Execution Vulnerability Cisco AnyConnect Secure Mobility Client VPN Downloader Software Downgrade Vulnerability Cisco AnyConnect Secure Mobility Client and Cisco Secure Deskto ...

CWE-20 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2012-2496

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect