Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3052

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2012-3052
Last Modified 17 Sep 2012 12:00:00
Published 16 Sep 2012 06:34:50
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2012-3052

Summary

Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.

Vulnerable Systems

Application

  • Cisco Vpn Client 5.0

  • Cisco Vpn Client 5.0.01

  • Cisco Vpn Client 5.0.01.0600

  • Cisco Vpn Client 5.0.02.0090

  • Cisco Vpn Client 5.0.03.0530

  • Cisco Vpn Client 5.0.03.0560

  • Cisco Vpn Client 5.0.04.0300

  • Cisco Vpn Client 5.0.05.0290

  • Cisco Vpn Client 5.0.06.0160

  • Cisco Vpn Client 5.0.07.0290

  • Cisco Vpn Client 5.0.07.0410

  • Cisco Vpn Client 5.0.07.0440

  • Cisco Vpn Client 5.0.2

  • Cisco Vpn Client 5.0.2.0090

  • Cisco Vpn Client 5.0.5

  • Cisco Vpn Client 5.0.6

  • Cisco Vpn Client 5.0.7


References

CONFIRM - http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html


Last Updated: 27 May 2016 11:00:42