Cisco

Vpn Client

18 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2015-7600

Exploit
  • EPSS 0.07%
  • Published 06.10.2015 17:59:27
  • Last modified 12.04.2025 10:46:40

Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini, which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section.

4.6

CVE-2012-5429

  • EPSS 0.11%
  • Published 17.01.2013 21:55:00
  • Last modified 11.04.2025 00:51:21

The VPN driver in Cisco VPN Client on Windows does not properly interact with the kernel, which allows local users to cause a denial of service (kernel fault and system crash) via a crafted application, aka Bug ID CSCuc81669.

6.9

CVE-2012-3052

  • EPSS 0.14%
  • Published 16.09.2012 10:34:50
  • Last modified 11.04.2025 00:51:21

Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.

6.8

CVE-2011-2678

  • EPSS 0.03%
  • Published 07.07.2011 19:55:03
  • Last modified 11.04.2025 00:51:21

The Cisco VPN Client 5.0.7.0240 and 5.0.7.0290 on 64-bit Windows platforms uses weak permissions (NT AUTHORITY\INTERACTIVE:F) for cvpnd.exe, which allows local users to gain privileges by replacing this executable file with an arbitrary program, aka ...

2.1

CVE-2009-4118

Exploit
  • EPSS 0.28%
  • Published 01.12.2009 00:30:00
  • Last modified 09.04.2025 00:30:58

The StartServiceCtrlDispatcher function in the cvpnd service (cvpnd.exe) in Cisco VPN client for Windows before 5.0.06.0100 does not properly handle an ERROR_FAILED_SERVICE_CONTROLLER_CONNECT error, which allows local users to cause a denial of servi...

4.9

CVE-2008-0324

Exploit
  • EPSS 0.59%
  • Published 17.01.2008 03:00:00
  • Last modified 09.04.2025 00:30:58

Cisco Systems VPN Client IPSec Driver (CVPNDRVA.sys) 5.0.02.0090 allows local users to cause a denial of service (crash) by calling the 0x80002038 IOCTL with a small size value, which triggers memory corruption.

6.8

CVE-2007-4415

  • EPSS 0.05%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.

6.8

CVE-2007-4414

  • EPSS 0.06%
  • Published 18.08.2007 21:17:00
  • Last modified 09.04.2025 00:30:58

Cisco VPN Client on Windows before 4.8.02.0010 allows local users to gain privileges by enabling the "Start Before Logon" (SBL) and Microsoft Dial-Up Networking options, and then interacting with the dial-up networking dialog box.

3.5

CVE-2007-1467

  • EPSS 0.56%
  • Published 16.03.2007 21:19:00
  • Last modified 09.04.2025 00:30:58

Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express...

7.2

CVE-2006-2679

  • EPSS 0.05%
  • Published 31.05.2006 10:06:00
  • Last modified 03.04.2025 01:03:51

Unspecified vulnerability in the VPN Client for Windows Graphical User Interface (GUI) (aka the VPN client dialer) in Cisco VPN Client for Windows 4.8.00.* and earlier, except for 4.7.00.0533, allows local authenticated, interactive users to gain pri...