NVD

Id
7950  
Name
CVE-2011-0926  
Description
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-07  
Published
2011-02-25  
Modified Date
2011-09-21  
Seq
2011-0926  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
45103 7950 CVE-2011-0926 8105  View
45104 7950 CVE-2011-0926 20110223 ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability  View
45105 7950 CVE-2011-0926 46536  View
45106 7950 CVE-2011-0926 1025118  View
45107 7950 CVE-2011-0926 ADV-2011-0513  View
45108 7950 CVE-2011-0926 http://www.zerodayinitiative.com/advisories/ZDI-11-091/  View
45109 7950 CVE-2011-0926 cisco-securedesktop-activex-code-execution(65755)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
32853 JVNDB-2011-003093 Cisco Secure Desktop における意図しないプログラムをダウンロードされる脆弱性 Cisco Secure Desktop (CSD) 上で稼働する CSDWebInstaller.ocx における ActiveX コントロールは、ダウンロードされた詳細不明なプログラムの署名を適切に検証しないため、任意のコードを実行される脆弱性が存在します。 CVE-2011-0926 48833 CVE-2011-0926 7950 9.3 http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003093.html 2011-02-25 2011-11-29 View