Executive Summary
Summary | |
---|---|
Title | Cisco Security Agent Remote Code Execution Vulnerabilities |
Informations | |||
---|---|---|---|
Name | cisco-sa-20111026-csa | First vendor Publication | N/A |
Vendor | Cisco | Last vendor Modification | 2011-10-26 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:M/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 4.4 | Attack Range | Local |
Cvss Impact Score | 6.4 | Attack Complexity | Medium |
Cvss Expoit Score | 3.4 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Cisco Security Agent is affected by vulnerabilities that could allow an unauthenticated attacker to perform remote code execution on the affected device. These vulnerabilities are in a third-party library (Oracle Outside In) and are documented in CERT-CC Vulnerability Note VU#520721 at http://www.kb.cert.org/vuls/id/520721 Cisco has released free software updates that address this vulnerability. No workaround is available to mitigate these vulnerabilities. |
Original Source
Url : http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco (...) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 2 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
71970 | Oracle Outside In Technology Outside In Filters Unspecified Local DoS Oracle Outside In Technology contains a flaw related to the Outside In Filters component that may allow a local attacker to cause a denial of service via vectors related to the vswk6.dll and sccut.dll modules handling of Microsoft CAB or .onepkg files. No further details have been provided. |
71969 | Oracle Outside In Technology Outside In File ID SDK Unspecified Local DoS Oracle Outside In Technology contains a flaw related to the Outside In File ID SDK component that may allow a local attacker to cause a denial of service via vectors related to the vswk6.dll and sccut.dll modules handling of Lotus 123 files. No further details have been provided. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2011-10-07 | Name : An archiving application installed on the remote host has multiple vulnerabil... File : symantec_enterprise_vault_sym11-011.nasl - Type : ACT_GATHER_INFO |