| Cisco Secure Desktop CSDWebInstaller ActiveX Vulnerability |
| Vulnerability Description: | The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page. |
|
| Category: | 3rd Party Software Vulnerabilities |
|
| Severity: | Critical |
|
| Reference: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0589 |
|
| Application: | Cisco Secure Desktop prior to 3.5.841, Cisco Secure Desktop Installer ActiveX Control 1.x |
|
| Vendor: | Cisco Systems, Inc. |
|
| Publish Date: | 07/15/2010 |
|
| Release Notes |
