Cisco Secure Desktop ActiveX Control Executable File Arbitrary File Download Vulnerability
2015年7月21日
危険度: 緊急
CVE識別番号: CVE-2011-0926
情報公開日: 7 21, 2015
概要
A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1004626
Trend Micro Deep Security DPI Rule Name: 1004626 - Restrict Cisco Secure Desktop ActiveX Control
影響を受けるソフトウェア
- cisco secure_desktop