Vulnerabilities > Cisco > VPN Client > 5.0.7.0290
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2015-10-06 | CVE-2015-7600 | Permissions, Privileges, and Access Controls vulnerability in Cisco VPN Client Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section. | 7.2 |
2011-07-07 | CVE-2011-2678 | Local Security vulnerability in Cisco VPN Client 5.0.7.0240/5.0.7.0290 The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka Bug ID CSCtn50645. | 6.8 |