Release DateJul 18, 2011 |
Severityhigh |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attack attempt against a Code Execution vulnerability in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client).This vulnerability is due to a validation error in the helper application. Remote attackers can exploit it to execute arbitrary code. |
Affected ProductsCisco Systems AnyConnect Secure Mobility Client For Windows 2.3.0185 up to and including 2.3.0254 |
Recommended ActionsRefer to the vendor's advisory, which addressed this vulnerability.http://www.cisco.com/warp/public/707/cisco-sa-20110601-ac.shtml |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-2039 |
