Download
| Alert*
|
oval:org.secpod.oval:def:47609
Cisco AnyConnect Secure Mobility Client is installed oval:org.secpod.oval:def:47612 The host is installed with Cisco AnyConnect Secure Mobility Client 3.1.02043 and earlier and is prone to a cross-site scripting vulnerability. A flaw is present in the application which fails to properly handle the applet-path URL. successful exploitation could allow attackers to inject arbitrary we ... oval:org.secpod.oval:def:47616 The host is installed with Cisco AnyConnect Secure Mobility Client 4.0.00051 and earlier and is prone to a path traversal vulnerability. A flaw is present in the application which fails to properly handle the host scan module. Successful exploitation could allow attackers to write to arbitrary files ... oval:org.secpod.oval:def:47611 The host is installed with Cisco AnyConnect Secure Mobility Client 2.0.0343 through 2.5.3055 and is prone to a buffer overflow vulnerability. A flaw is present in the application which fails to properly handle the Active Template Library (ATL) framework in the VPNAPI COM module. successful exploitat ... oval:org.secpod.oval:def:47610 The host is installed with Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.5080 or 3.1.0 through 3.1.02043 and is prone to an input validation vulnerability. A flaw is present in the application which fails to properly verify the files. successful exploitation could allow attackers to gain p ... oval:org.secpod.oval:def:47613 The host is installed with Cisco AnyConnect Secure Mobility Client through 4.0.00051 and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly handle the crafted IPC messages. successful exploitation could allow attackers to inject arbitrary w ... oval:org.secpod.oval:def:47614 The host is installed with Cisco AnyConnect Secure Mobility Client 4.0.00051 and earlier and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly handle the crafted IPC messages. successful exploitation could allow attackers to inject arbitra ... oval:org.secpod.oval:def:47619 The host is installed with Cisco AnyConnect Secure Mobility Client 4.3.02039 or 4.3.00748 is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly handle the path names. Successful exploitation could allow local users to install and execute an ar ... oval:org.secpod.oval:def:47618 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.2.05015 or 4.3.x before 4.3.02039 is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly handle the path names. Successful exploitation could allow local users to gain ... oval:org.secpod.oval:def:47617 The host is installed with Cisco AnyConnect Secure Mobility Client 2.0.0343 through 4.1 and is prone to an untrusted search path vulnerability. A flaw is present in the application which fails to properly handle the CMainThread::launchDownloader function in vpndownloader.exe. Successful exploitation ... oval:org.secpod.oval:def:47608 The host is installed with Cisco AnyConnect Secure Mobility Client 3.0 through 3.0.5080 or 3.1 through 3.1.02043 and is prone to an input validation vulnerability. A flaw is present in the application which fails to properly verify the files. successful exploitation could allow attackers to gain pri ... oval:org.secpod.oval:def:47615 The host is installed with Cisco AnyConnect Secure Mobility Client 4.0.00051 and earlier and is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly handle the crafted IPC messages. successful exploitation could allow attackers to inject arbitra ... oval:org.secpod.oval:def:47620 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.4.02034 is prone to a privilege escalation vulnerability. A flaw is present in the application which fails to properly validate input of path and file names of a DLL file before it is loaded. Successful exploitation could al ... oval:org.secpod.oval:def:82600 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.8.02042 is prone to a windows uncontrolled search path vulnerability. A flaw is present in the application which fails to handle a malicious file copied to a system directory. Successful exploitation could allows attackers t ... oval:org.secpod.oval:def:82601 The host is installed with Cisco AnyConnect Secure Mobility Client 4.5.00058 before 4.6.01103 is prone to a denial of service vulnerability. A flaw is present in the application which fails to properly validate the user-supplied data. Successful exploitation could allows attackers to cause a DoS con ... oval:org.secpod.oval:def:82602 The host is installed with Cisco AnyConnect Secure Mobility Client 4.6.00100 is prone to a certificate bypass vulnerability. A flaw is present in the application which fails to properly validate the simple certificate enrollment protocol and improper server certificate. Successful exploitation could ... oval:org.secpod.oval:def:82603 The host is installed with Cisco AnyConnect Secure Mobility Client 4.4.04030 is prone to an XML external entity injection vulnerability. A flaw is present in the application which fails to handle a crafted XML file with malicious entries. Successful exploitation could allows attackers to have read a ... oval:org.secpod.oval:def:47621 The host is installed with Cisco AnyConnect Secure Mobility Client 4.4.00243 before 4.6 is prone to a session fixation vulnerability. A flaw is present in the application which fails to properly handle the authentication request in the company's Identity Provider (IdP). Successful exploitation could ... oval:org.secpod.oval:def:81757 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.03104 is prone to a privilege escalation vulnerability. A flaw is present in the application, which is due to incorrect privilege assignment to scripts executed before user logon. Successful exploitation could allow the a ... oval:org.secpod.oval:def:81755 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.03104 is prone to a privilege escalation vulnerability. A flaw is present in the application, which is due to incorrect privilege assignment to scripts executed before user logon. Successful exploitation could allow the a ... oval:org.secpod.oval:def:73413 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.01075 is prone to a denial of service vulnerability. A flaw is present in the application which fails to handle uncontrolled memory allocation. Successful exploitation could allow an authenticated, local attacker to cause ... oval:org.secpod.oval:def:87973 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.01075 is prone to a DLL hijacking vulnerability. A flaw is present in the application which fails to handle issues in DLL loading mechanism. Successful exploitation could allow an authenticated, local attacker to perform ... oval:org.secpod.oval:def:82592 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.00093 is prone to an improper input validation vulnerability. A flaw is present in the application which fails to handle a crafted IPC message sent to the AnyConnect process. Successful exploitation could allows attackers ... oval:org.secpod.oval:def:82593 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.03022 is prone to a windows install executable hijacking vulnerability. A flaw is present in the application which fails to loads an executable file from a user-writable directory. Successful exploitation could allows atta ... oval:org.secpod.oval:def:82595 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.00093 is prone to a windows upgrade executable hijacking vulnerability. A flaw is present in the application which fails to handle a temporary file with insecure permissions that is created during the upgrade process. Suc ... oval:org.secpod.oval:def:82594 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.06037 is prone to a windows upgrade DLL hijacking vulnerability. A flaw is present in the application which fails to handle a temporary file with insecure permissions that is created during the upgrade process. Successful ... oval:org.secpod.oval:def:82596 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.10.00093 is prone to a windows upgrade DLL hijacking vulnerability. A flaw is present in the application which fails to handle a malicious DLL file copied to a specific directory. Successful exploitation could allows attacke ... oval:org.secpod.oval:def:82598 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.06037 is prone to a windows uninstall executable hijacking vulnerability. A flaw is present in the application which fails to handle a temporary file with insecure permissions that is created during the uninstall process. ... oval:org.secpod.oval:def:82597 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.06037 is prone to a windows upgrade DLL hijacking vulnerability. A flaw is present in the application which fails to handle a malicious DLL file copied to a specific directory. Successful exploitation could allows attacker ... oval:org.secpod.oval:def:82599 The host is installed with Cisco AnyConnect Secure Mobility Client before 4.9.05042 is prone to a DLL hijacking vulnerability. A flaw is present in the application which fails to handle a crafted IPC message sent to the AnyConnect process. Successful exploitation could allows attackers to execute ar ... |
