fkie_cve-2015-6305
Vulnerability from fkie_nvd
Published
2015-09-26 01:59
Modified
2025-04-12 10:46
Severity: HIGH (CVSS v2 base score 7.2, vector AV:L/AC:L/Au:N/C:C/I:C/A:C)
Summary
Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0.0343:*:*:*:*:*:*:*",
"matchCriteriaId": "9D45BF12-1E35-458F-8C97-F6373E92A7AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1.0.148:*:*:*:*:*:*:*",
"matchCriteriaId": "8B4D2D11-A449-4B4C-A07D-1074D61A4EEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0133:*:*:*:*:*:*:*",
"matchCriteriaId": "99BC4BE0-79DD-404D-96E1-CA174AA4AB0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0136:*:*:*:*:*:*:*",
"matchCriteriaId": "29EF218A-470F-4201-B4C7-521C3D5EAB8B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.0140:*:*:*:*:*:*:*",
"matchCriteriaId": "8F453CD0-871D-4273-A644-9795256CA157",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0185:*:*:*:*:*:*:*",
"matchCriteriaId": "102BBE5A-17C2-456F-B62F-1D783D07D7B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.0254:*:*:*:*:*:*:*",
"matchCriteriaId": "86B63EBD-8608-4E77-8CF1-4278626E6E34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.1003:*:*:*:*:*:*:*",
"matchCriteriaId": "DD571428-F54C-493E-991D-D5D83D3BFCE1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3.2016:*:*:*:*:*:*:*",
"matchCriteriaId": "184A5DAA-9BDB-4C2D-80DC-E2E21356676A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.0202:*:*:*:*:*:*:*",
"matchCriteriaId": "5B1E5D16-BD4E-417C-851B-AEC74D1F84FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.4.1012:*:*:*:*:*:*:*",
"matchCriteriaId": "8B9822AE-2ACE-424A-BB03-4457923E812E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.0217:*:*:*:*:*:*:*",
"matchCriteriaId": "2EF2B696-85BA-492E-AB95-A1A7427429CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2006:*:*:*:*:*:*:*",
"matchCriteriaId": "C41B8BA4-3242-464D-A9E0-15018C8CB495",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2010:*:*:*:*:*:*:*",
"matchCriteriaId": "D713E198-7C64-4D7C-9DE9-C84FBE26B571",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2011:*:*:*:*:*:*:*",
"matchCriteriaId": "AE3B606D-1E0E-4276-BFD4-31D6BD96FE1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2014:*:*:*:*:*:*:*",
"matchCriteriaId": "B3A37930-E737-46E9-BD83-99D72C31A551",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2017:*:*:*:*:*:*:*",
"matchCriteriaId": "93A65C87-E948-4BFF-AFE5-3180701AFDA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2018:*:*:*:*:*:*:*",
"matchCriteriaId": "39FDA0C8-8315-4899-B0C5-DE234784E50D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.2019:*:*:*:*:*:*:*",
"matchCriteriaId": "6C3D6B5A-A836-490E-B295-DE9832EC2DA3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3041:*:*:*:*:*:*:*",
"matchCriteriaId": "7D7D1894-0E58-43BA-9A40-82E3D8648FF7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3046:*:*:*:*:*:*:*",
"matchCriteriaId": "111D94E9-AC3C-41E8-8F47-F5A72B27DE9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3051:*:*:*:*:*:*:*",
"matchCriteriaId": "E78742CF-1043-41BC-9789-8A8FA9460FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3054:*:*:*:*:*:*:*",
"matchCriteriaId": "CA3903F0-39C8-43B4-A117-812583EEE94F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5.3055:*:*:*:*:*:*:*",
"matchCriteriaId": "CED47F1A-7A16-484C-A71C-E5FC739A3AB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.5_base:*:*:*:*:*:*:*",
"matchCriteriaId": "B89902B9-047C-4619-9B6B-408D5D0592BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "87AB68C1-8884-4342-9E93-C5A2F57FAB4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.0629:*:*:*:*:*:*:*",
"matchCriteriaId": "9BA1D619-5FC6-4F45-B35A-1C029729146A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.1047:*:*:*:*:*:*:*",
"matchCriteriaId": "4279AC14-F659-4592-976E-E81B528EF6AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.2052:*:*:*:*:*:*:*",
"matchCriteriaId": "AF0D59FA-777E-4017-972E-54B4E9A39A1E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3050:*:*:*:*:*:*:*",
"matchCriteriaId": "1FA8AE9E-221C-4117-B9B6-842AC529B313",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.3054:*:*:*:*:*:*:*",
"matchCriteriaId": "C9DC7395-6976-4FB2-904E-0E7EA5EFF44B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.4235:*:*:*:*:*:*:*",
"matchCriteriaId": "55BB9930-B838-4326-AC8B-9FF9690BF570",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5075:*:*:*:*:*:*:*",
"matchCriteriaId": "BC719878-4AC0-4EDF-BA63-3355078DE646",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.5080:*:*:*:*:*:*:*",
"matchCriteriaId": "5D05F500-75AB-41DA-8492-5AFD7D0BA475",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09231:*:*:*:*:*:*:*",
"matchCriteriaId": "989DB0BF-C00D-4C7B-83A2-CE726EEC397C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09266:*:*:*:*:*:*:*",
"matchCriteriaId": "FD6CA5AF-4F93-49A3-AEC6-8AC2D0951538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.0.09353:*:*:*:*:*:*:*",
"matchCriteriaId": "4C359D1F-2ED9-4A59-9D2D-C6106607EB61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1\\(60\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6B415C06-7A2B-4CDC-B7DD-12FF22DB466F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CFE1E12-CAEE-4CB5-8969-D6F92451F69B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.02043:*:*:*:*:*:*:*",
"matchCriteriaId": "871452CA-054B-411F-AC5F-78C7F666D813",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05182:*:*:*:*:*:*:*",
"matchCriteriaId": "E12D9394-B33E-4292-9FF1-E405AF1781B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.05187:*:*:*:*:*:*:*",
"matchCriteriaId": "54D06E2E-6CBC-40D4-9409-030822552A45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.06073:*:*:*:*:*:*:*",
"matchCriteriaId": "EB28D6B8-C1AC-49E6-9753-7E4703CB73A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:3.1.07021:*:*:*:*:*:*:*",
"matchCriteriaId": "217290C9-A508-4253-B807-E5E605A2D990",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(48\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BFC839F-D9E1-4B41-B316-8FF44FDAFC78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(64\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9EC1592B-04DE-4FBB-88EF-7AFADEE75624",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0\\(2049\\):*:*:*:*:*:*:*",
"matchCriteriaId": "28E79966-4EE3-4987-AB0C-FEC2DD713012",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3782E3EC-B35A-443E-B9CF-5EA8B2D0F732",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00048:*:*:*:*:*:*:*",
"matchCriteriaId": "0608CACF-28C5-4A23-81FE-7FEB655FC84B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.0.00051:*:*:*:*:*:*:*",
"matchCriteriaId": "72B9DB6D-0ABC-4938-A36E-2F68AB94635C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:anyconnect_secure_mobility_client:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "ACBB4489-1C7C-4435-AF21-ADBA57F49C19",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211."
},
{
"lang": "es",
"value": "Vulnerabilidad en la ruta de b\u00fasqueda no fiable en la funci\u00f3n CMainThread::launchDownloader en vpndownloader.exe en Cisco AnyConnect Secure Mobility Client 2.0 hasta la versi\u00f3n 4.1 en Windows, permite a usuarios locales obtener privilegios a trav\u00e9s de un troyano DLL en el directorio de trabajo actual, seg\u00fan lo demostrado por dbghelp.dll, tambi\u00e9n conocida como Bug ID CSCuv01279. NOTA: esta vulnerabilidad existe debido a una soluci\u00f3n incompleta para CVE-2015-4211."
}
],
"id": "CVE-2015-6305",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-09-26T01:59:09.627",
"references": [
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133876/Cisco-AnyConnect-Secure-Mobility-Client-3.1.08009-Privilege-Elevation.html"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/80"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=41136"
},
{
"source": "psirt@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033643"
},
{
"source": "psirt@cisco.com",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=460"
},
{
"source": "psirt@cisco.com",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38289/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/133876/Cisco-AnyConnect-Secure-Mobility-Client-3.1.08009-Privilege-Elevation.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://seclists.org/fulldisclosure/2015/Sep/80"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=41136"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1033643"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "https://code.google.com/p/google-security-research/issues/detail?id=460"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/38289/"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-426"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.