Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Cisco Secure Desktop CSDWebInstaller ActiveX控件任意文件下载漏洞
Vulnerability Description
Cisco Secure Desktop(CSD)是美国思科(Cisco)公司的一款安全桌面产品,它可通过加密功能降低远程用户注销后或SSL VPN会话超时后Cookies、浏览器历史记录、临时文件和下载内容在系统上所遗留的风险。 Cisco Secure Desktop(CSD)的CSDWebInstaller.ocx中的CSDWebInstallerCtrl ActiveX控件中存在输入验证漏洞。远程攻击者可以通过将Cisco签署的可执行文件重命名为inst.exe并放到网络服务器上远程利用此漏洞上传
CVSS Information
N/A
Vulnerability Type
N/A