Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2013-5559

Published: 04/11/2013 Updated: 21/09/2016
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Cisco

Vulnerability Summary

Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote malicious users to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco anyconnect secure mobility client 2.1

cisco anyconnect secure mobility client 2.2

cisco anyconnect secure mobility client 2.2.128

cisco anyconnect secure mobility client 2.2.133

cisco anyconnect secure mobility client 2.4.5004

cisco anyconnect secure mobility client 2.4.7030

cisco anyconnect secure mobility client 2.4.7073

cisco anyconnect secure mobility client 2.5

cisco anyconnect secure mobility client 2.5.3054

cisco anyconnect secure mobility client 2.5.3055

cisco anyconnect secure mobility client 2.5.5112

cisco anyconnect secure mobility client 2.5.5116

cisco anyconnect secure mobility client 2.2.140

cisco anyconnect secure mobility client 2.3.185

cisco anyconnect secure mobility client 2.4.0202

cisco anyconnect secure mobility client 2.4.4004

cisco anyconnect secure mobility client 2.5.1025

cisco anyconnect secure mobility client 2.5.2006

cisco anyconnect secure mobility client 2.5.3041

cisco anyconnect secure mobility client 2.5.3051

cisco anyconnect secure mobility client 2.5.5118

cisco anyconnect secure mobility client 2.5.5130

cisco anyconnect secure mobility client 2.3.2016

cisco anyconnect secure mobility client 2.3.254

cisco anyconnect secure mobility client 2.4

cisco anyconnect secure mobility client 2.5.2011

cisco anyconnect secure mobility client 2.5.2014

cisco anyconnect secure mobility client 2.5.2017

cisco anyconnect secure mobility client 2.5.2018

cisco anyconnect secure mobility client 2.5.6005

cisco anyconnect secure mobility client 2.0

cisco anyconnect secure mobility client 2.2.136

cisco anyconnect secure mobility client 2.3

cisco anyconnect secure mobility client 2.4.1012

cisco anyconnect secure mobility client 2.4.4014

cisco anyconnect secure mobility client 2.5.0217

cisco anyconnect secure mobility client 2.5.2001

cisco anyconnect secure mobility client 2.5.2010

cisco anyconnect secure mobility client 2.5.2019

cisco anyconnect secure mobility client 2.5.3046

cisco anyconnect secure mobility client 2.5.5125

cisco anyconnect secure mobility client 2.5.5131

Vendor Advisories

Cisco: Cisco AnyConnect Secure Mobility Client VPNAPI COM Buffer Overflow Vulnerability
A vulnerability in the Active Template Library (ATL) framework used by a component of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, remote attacker to execute arbitrary commands with the privilege of the user executing the web browser The vulnerability is due to insufficient input validation when the ATL framework is ...

References

CWE-119http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5559https://nvd.nist.govhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20131104-CVE-2013-5559
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook