Anyconnect_secure_mobility_client - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Anyconnect_secure_mobility_client
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	66

Date	Id	Summary	Products	Score	Patch	Annotated
2015-03-17	CVE-2015-0663	Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier does not properly implement access control for IPC messages, which allows local users to write to arbitrary files via crafted messages, aka Bug ID CSCus79392.	Anyconnect_secure_mobility_client	N/A
2015-03-17	CVE-2015-0662	Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to gain privileges via crafted IPC messages that trigger use of root privileges for a software-package installation, aka Bug ID CSCus79385.	Anyconnect_secure_mobility_client	N/A
2015-02-03	CVE-2014-8021	Cross-site scripting (XSS) vulnerability in Cisco AnyConnect Secure Mobility Client 3.1(.02043) and earlier and Cisco HostScan Engine 3.1(.05183) and earlier allows remote attackers to inject arbitrary web script or HTML via vectors involving an applet-path URL, aka Bug IDs CSCup82990 and CSCuq80149.	Anyconnect_secure_mobility_client, Hostscan_engine	N/A
2013-11-04	CVE-2013-5559	Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.	Anyconnect_secure_mobility_client	N/A
2013-04-11	CVE-2013-1173	Heap-based buffer overflow in ciscod.exe in the Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14143.	Anyconnect_secure_mobility_client	N/A
2013-04-11	CVE-2013-1172	The Cisco Security Service in Cisco AnyConnect Secure Mobility Client (aka AnyConnect VPN Client) does not properly verify files, which allows local users to gain privileges via unspecified vectors, aka Bug ID CSCud14153.	Anyconnect_secure_mobility_client	N/A
2013-09-20	CVE-2013-1130	Cisco AnyConnect Secure Mobility Client on Mac OS X uses weak permissions for a library directory, which allows local users to gain privileges via a crafted library file, aka Bug ID CSCue33619.	Anyconnect_secure_mobility_client	N/A
2012-09-16	CVE-2012-3094	The VPN downloader in the download_install component in Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495 on Linux accepts arbitrary X.509 server certificates without user interaction, which allows remote attackers to obtain sensitive information via vectors involving an invalid certificate, aka Bug ID CSCua11967.	Anyconnect_secure_mobility_client	N/A
2012-09-16	CVE-2012-3088	Cisco AnyConnect Secure Mobility Client 3.1.x before 3.1.00495, and 3.2.x, does not check whether an HTTP request originally contains ScanSafe headers, which allows remote attackers to have an unspecified impact via a crafted request, aka Bug ID CSCua13166.	Anyconnect_secure_mobility_client	N/A
2012-08-06	CVE-2012-2500	Cisco AnyConnect Secure Mobility Client 3.0 before 3.0.08057 does not verify the certificate name in an X.509 certificate during WebLaunch of IPsec, which allows man-in-the-middle attackers to spoof servers via a crafted certificate, aka Bug ID CSCtz29470.	Anyconnect_secure_mobility_client	N/A