Cisco Secure Desktop Remote XSS Vulnerability
This vulnerability (CVE-2010-0440) could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has released patches to address the vulnerability as well as workaround to mitigate this risk. The Cisco alert is available here.
The following versions are vulnerable:
- Cisco Secure Desktop versions prior to 3.5
- Cisco ASA appliances are vulnerable only if the Cisco Secure Desktop feature has been enabled
- Cisco ASA appliance versions prior to 8.2(1), 8.1(2.7), and 8.0(5) are vulnerable
-----------
Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org
Keywords: Cisco Secure Desktop Remote XSS
0 comment(s)
×
Diary Archives
Comments