6.8
CVE-2013-5559
- EPSS 1.87%
- Veröffentlicht 04.11.2013 16:55:05
- Zuletzt bearbeitet 11.04.2025 00:51:21
- Quelle psirt@cisco.com
- Teams Watchlist Login
- Unerledigt Login
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Cisco ≫ Anyconnect Secure Mobility Client Version2.0
Cisco ≫ Anyconnect Secure Mobility Client Version2.1
Cisco ≫ Anyconnect Secure Mobility Client Version2.2
Cisco ≫ Anyconnect Secure Mobility Client Version2.2.128
Cisco ≫ Anyconnect Secure Mobility Client Version2.2.133
Cisco ≫ Anyconnect Secure Mobility Client Version2.2.136
Cisco ≫ Anyconnect Secure Mobility Client Version2.2.140
Cisco ≫ Anyconnect Secure Mobility Client Version2.3
Cisco ≫ Anyconnect Secure Mobility Client Version2.3.185
Cisco ≫ Anyconnect Secure Mobility Client Version2.3.254
Cisco ≫ Anyconnect Secure Mobility Client Version2.3.2016
Cisco ≫ Anyconnect Secure Mobility Client Version2.4
Cisco ≫ Anyconnect Secure Mobility Client Version2.4 SwPlatformsymbian_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.0202
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.1012
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.4004 SwPlatformiphone_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.4014 SwPlatformiphone_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.5004 SwPlatformsymbian_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.7030 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.4.7073 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.5
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.0217
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.1025
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2001
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2006
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2010
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2011
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2014
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2017
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2018
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.2019
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3041
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3046
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3051
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3054
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.3055
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5112 SwPlatformiphone_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5116 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5118 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5125 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5130 SwPlatformiphone_os
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.5131 SwPlatformandroid
Cisco ≫ Anyconnect Secure Mobility Client Version2.5.6005
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.87% | 0.814 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.