Vulnerabilities > Cisco > Secure Desktop > 3.6.185
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-04-17 | CVE-2015-0691 | Permissions, Privileges, and Access Controls vulnerability in Cisco Secure Desktop A certain Cisco JAR file, as distributed in Cache Cleaner in Cisco Secure Desktop (CSD), allows remote attackers to execute arbitrary commands via a crafted web site, aka Bug ID CSCup83001. | 9.3 |
2012-09-24 | CVE-2012-4655 | Improper Input Validation vulnerability in Cisco Secure Desktop The WebLaunch feature in Cisco Secure Desktop before 3.6.6020 does not properly validate binaries that are received by the downloader process, which allows remote attackers to execute arbitrary code via vectors involving (1) ActiveX or (2) Java components, aka Bug IDs CSCtz76128 and CSCtz78204. | 9.3 |