Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2010-0589
HistoryApr 15, 2010 - 5:30 p.m.

CVE-2010-0589

2010-04-1517:30:00
CWE-20
[email protected]
web.nvd.nist.gov
4

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.127

Percentile

95.5%

JSON

The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876.

Affected configurations

Nvd
Node
ciscosecure_desktopRange3.5
OR
ciscosecure_desktopMatch3.1
OR
ciscosecure_desktopMatch3.1.1
OR
ciscosecure_desktopMatch3.1.1.27
OR
ciscosecure_desktopMatch3.1.1.33
OR
ciscosecure_desktopMatch3.2
OR
ciscosecure_desktopMatch3.2.1
OR
ciscosecure_desktopMatch3.3
OR
ciscosecure_desktopMatch3.4
OR
ciscosecure_desktopMatch3.4.1
OR
ciscosecure_desktopMatch3.4.2
OR
ciscosecure_desktopMatch3.4.2048
VendorProductVersionCPE
ciscosecure_desktop*cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*
ciscosecure_desktop3.1cpe:2.3:a:cisco:secure_desktop:3.1:*:*:*:*:*:*:*
ciscosecure_desktop3.1.1cpe:2.3:a:cisco:secure_desktop:3.1.1:*:*:*:*:*:*:*
ciscosecure_desktop3.1.1.27cpe:2.3:a:cisco:secure_desktop:3.1.1.27:*:*:*:*:*:*:*
ciscosecure_desktop3.1.1.33cpe:2.3:a:cisco:secure_desktop:3.1.1.33:*:*:*:*:*:*:*
ciscosecure_desktop3.2cpe:2.3:a:cisco:secure_desktop:3.2:*:*:*:*:*:*:*
ciscosecure_desktop3.2.1cpe:2.3:a:cisco:secure_desktop:3.2.1:*:*:*:*:*:*:*
ciscosecure_desktop3.3cpe:2.3:a:cisco:secure_desktop:3.3:*:*:*:*:*:*:*
ciscosecure_desktop3.4cpe:2.3:a:cisco:secure_desktop:3.4:*:*:*:*:*:*:*
ciscosecure_desktop3.4.1cpe:2.3:a:cisco:secure_desktop:3.4.1:*:*:*:*:*:*:*
Rows per page:
1-10 of 121

Related

securityvulns 2
kaspersky 1
prion 3
zdi 1
cvelist 3
cve 3
nvd 2
securityvulns
securityvulns
Cisco Secure Desktop ActiveX code execution
2010-04-19 00:00:00
Cisco Security Advisory: Cisco Secure Desktop ActiveX Control Code Execution Vulnerability
2010-04-19 00:00:00
kaspersky
kaspersky
KLA10106 ACE vulnerability in Cisco Secure Desktop
2010-04-15 00:00:00
prion
prion
Design/Logic Flaw
2010-04-15 17:30:00
Code injection
2011-02-25 18:00:00
Code injection
2011-02-28 16:00:00
zdi
zdi
Cisco Secure Desktop CSDWebInstaller ActiveX Control Remote Code Execution Vulnerability
2010-04-14 00:00:00
cvelist
cvelist
CVE-2010-0589
2010-04-15 17:00:00
CVE-2011-0926
2011-02-25 17:00:00
CVE-2011-0925
2011-02-28 15:00:00
cve
cve
CVE-2010-0589
2010-04-15 17:30:00
CVE-2011-0926
2011-02-25 18:00:01
CVE-2011-0925
2011-02-28 16:00:01
nvd
nvd
CVE-2011-0926
2011-02-25 18:00:01
CVE-2011-0925
2011-02-28 16:00:01

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

6.5

Confidence

Low

EPSS

0.127

Percentile

95.5%

JSON
Related for NVD:CVE-2010-0589
securityvulns2kaspersky1prion3zdi1cvelist3cve3nvd2