CVE-2011-0926

A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.
Configurations

Configuration 1 (hide)

cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*

History

21 Nov 2024, 01:25

Type Values Removed Values Added
References () http://securityreason.com/securityalert/8105 - () http://securityreason.com/securityalert/8105 -
References () http://www.securityfocus.com/archive/1/516647/100/0/threaded - () http://www.securityfocus.com/archive/1/516647/100/0/threaded -
References () http://www.securityfocus.com/bid/46536 - () http://www.securityfocus.com/bid/46536 -
References () http://www.securitytracker.com/id?1025118 - () http://www.securitytracker.com/id?1025118 -
References () http://www.vupen.com/english/advisories/2011/0513 - () http://www.vupen.com/english/advisories/2011/0513 -
References () http://www.zerodayinitiative.com/advisories/ZDI-11-091/ - () http://www.zerodayinitiative.com/advisories/ZDI-11-091/ -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/65755 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/65755 -

Information

Published : 2011-02-25 18:00

Updated : 2024-11-21 01:25


NVD link : CVE-2011-0926

Mitre link : CVE-2011-0926

CVE.ORG link : CVE-2011-0926


JSON object : View

Products Affected

cisco

  • secure_desktop
CWE
CWE-20

Improper Input Validation