mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
234 lines
8.5 KiB
JSON
234 lines
8.5 KiB
JSON
{
|
|
"id": "CVE-2012-4655",
|
|
"sourceIdentifier": "psirt@cisco.com",
|
|
"published": "2012-09-24T17:55:07.157",
|
|
"lastModified": "2024-11-21T01:43:17.553",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "La funcionalidad WebLaunch en Cisco Secure Desktop antes de v3.6.6020 no valida adecuadamente los binarios recibidos por el proceso de descarga, lo que permite a cualquier atacante ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de vectores relacionados con (1) ActiveX o (2) componentes Java. El problema esta identificado con los Bug IDs CSCtz76128 y CSCtz78204."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 9.3,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "MEDIUM",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.6,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": true
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-20"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6EE6B79A-FD31-4637-BE22-EEADF63B94FF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F2F8EA5-8DEF-48D0-9E7F-6047D4AECC5C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1.27:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "59D841B0-3D1B-4F1C-87F1-D0355955E49C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1.33:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F13E414E-E56E-496E-A952-F93DCF1B1BDC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.1.1.45:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "21F5DFB0-21F4-45F7-B4AF-000B24DEA596"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0D7A8878-2E0F-4140-86DF-75999B47E4F5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.2.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4932BA9E-4156-4445-93E9-7A9F1D81090B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3497EB29-C406-44C1-AB28-0DDC4E79A9D9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "6C63D54D-6424-4767-9832-41E7F0B1D1E9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F4D4CF6F-2F81-45B0-9B5B-C8D79E74D6F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AA0286A4-6011-41DF-B607-44CFBBFD437F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.4.2048:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FE277431-4101-4C0F-91DB-A1C15C0344FF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4142FB07-D5F0-4209-B0DE-67B768D7BDAC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.841:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "85641AF5-7A5B-4146-9806-E055420DB3AD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.1077:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7D5FC538-64F7-4F3D-9FAE-82D5015737DE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2001:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4F72D901-C62C-41A0-8D68-72CB9508E507"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.5.2008:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "D79AB614-C5B3-4116-B957-A42F6AD0DD6F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9273F0F3-38F2-45AE-8453-1004A7CE91EC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.181:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A1A4F9A8-DB02-45A0-ABE4-08683C798CC3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.185:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "71AF8E5A-42C5-42CB-8890-6F00BC1C471A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.1001:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4CA7E7CD-E877-4868-B868-AF77F931F593"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.2002:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "93F2063D-7955-4217-A13D-217ED25C5DAE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.3002:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BA30F821-2963-4431-B25F-BB061CBCBE27"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.4021:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "689D7A99-1CB3-4930-8A0B-466DDC718D6D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:cisco:secure_desktop:3.6.5005:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2D9C94C7-3E8A-4E3A-A88F-648F755D3C3A"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://secunia.com/advisories/50669",
|
|
"source": "psirt@cisco.com"
|
|
},
|
|
{
|
|
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac",
|
|
"source": "psirt@cisco.com",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/55606",
|
|
"source": "psirt@cisco.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78677",
|
|
"source": "psirt@cisco.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/50669",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120620-ac",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/55606",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78677",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |