NVD

Id
7949  
Name
CVE-2011-0925  
Description
The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-02-28  
Modified Date
2011-09-21  
Seq
2011-0925  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
45096 7949 CVE-2011-0925 8108  View
45097 7949 CVE-2011-0925 20110223 ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability  View
45098 7949 CVE-2011-0925 46538  View
45099 7949 CVE-2011-0925 1025118  View
45100 7949 CVE-2011-0925 ADV-2011-0513  View
45101 7949 CVE-2011-0925 cisco-secure-activex-code-execution(65754)  View
45102 7949 CVE-2011-0925 http://zerodayinitiative.com/advisories/ZDI-11-092/  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
32854 JVNDB-2011-003094 Cisco Secure Desktop における意図しないプログラムをダウンロードされる脆弱性 Cisco Secure Desktop (CSD) 上で稼働する CSDWebInstaller.ocx における CSDWebInstallerCtrl ActiveX コントロールには、意図しない Cisco プログラムをクライアントマシンにダウンロードされる、およびそのプラグラムを実行される脆弱性が存在します。 CVE-2011-0925 48832 CVE-2011-0925 7949 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003094.html 2011-02-28 2011-11-29 View