CVE-2012-3052
medium
CVSS v3
—
CVSS v2
6.9
VIR risk
6.9
Description
Untrusted search path vulnerability in Cisco VPN Client 5.0 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka Bug ID CSCua28747.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| cisco | vpn_client | 5.0 | |
| cisco | vpn_client | 5.0.01 | |
| cisco | vpn_client | 5.0.01.0600 | |
| cisco | vpn_client | 5.0.2 | |
| cisco | vpn_client | 5.0.02.0090 | |
| cisco | vpn_client | 5.0.2.0090 | |
| cisco | vpn_client | 5.0.03.0530 | |
| cisco | vpn_client | 5.0.03.0560 | |
| cisco | vpn_client | 5.0.04.0300 | |
| cisco | vpn_client | 5.0.5 | |
| cisco | vpn_client | 5.0.05.0290 | |
| cisco | vpn_client | 5.0.6 | |
| cisco | vpn_client | 5.0.06.0160 | |
| cisco | vpn_client | 5.0.7 | |
| cisco | vpn_client | 5.0.07.0290 | |
| cisco | vpn_client | 5.0.07.0410 | |
| cisco | vpn_client | 5.0.07.0440 | |
References
Verify integrity in audit chain (admin only). AS-IS.