Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0664

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2015-0664
Last Modified 10 Sep 2015 12:05:39
Published 18 Mar 2015 07:59:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2015-0664

Summary

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.

Vulnerable Systems

Application

  • Cisco Anyconnect Secure Mobility Client 4.0%28.00051%29


References

CISCO - 20150314 Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability

SECTRACK - 1031932


Last Updated: 27 May 2016 11:08:11