Cisco Secure Desktop ActiveX Control Executable File Arbitrary File Download Vulnerability
Publish date: 21 de julio de 2015
Gravedad: Crítico
Identificadores de CVE : CVE-2011-0926
Fecha recomendada: 21 de julio de 2015
Descripción
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.
Revelación de la información
Apply associated Trend Micro DPI Rules.
Soluciones
Trend Micro Deep Security DPI Rule Number: 1004626
Trend Micro Deep Security DPI Rule Name: 1004626 - Restrict Cisco Secure Desktop ActiveX Control
Software y versión afectados
- cisco secure_desktop