فا

‫ Cisco Adaptive Security Appliances Port Forwarder ActiveX Control Buffer Overflow Vulnerability

IRCAD2012031786
ID: IRCAD2012031786
Release Date: 2012-03-15
Criticality level: Highly critical
Software:
Cisco Adaptive Security Appliance (ASA) 7.x
Cisco Adaptive Security Appliance (ASA) 8.x
Cisco ASA 5500 Series Adaptive Security Appliances
Cisco Port Forwarder ActiveX Control 1.x
Description:
A vulnerability has been reported in Cisco Adaptive Security Appliances, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due an error in the Cisco Port Forwarder ActiveX Control (cscopf.ocx) when processing certain initialisation parameters and can be exploited to cause a buffer overflow.
Successful exploitation may allow execution of arbitrary code.
Note: This vulnerability only affects the Cisco ASA 5500 Series.
The vulnerability is reported in cscopf.ocx version 1.0.1.8. Please see the vendor's advisory for a list of affected Cisco Adaptive Security Appliances versions.
Solution
Update Cisco Adaptive Security Appliances to a fixed version and update the ActiveX Control (please see the vendor's advisory for details).
References:
Cisco:
US-CERT:
Secunia:

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 27 اسفند 1390

امتیاز

امتیاز شما
تعداد امتیازها: 0