CVE-2011-0925 - Vulnerability Details - OpenCVE

The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Secure Desktop

Configuration 1 [-]

cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://securityreason.com/securityalert/8108
http://www.securityfocus.com/archive/1/516648/100/0/threaded
http://www.securityfocus.com/bid/46538
http://www.securitytracker.com/id?1025118
http://www.vupen.com/english/advisories/2011/0513
http://zerodayinitiative.com/advisories/ZDI-11-092/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65754

History

No history.

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2011-02-28T15:00:00

Updated: 2024-08-06T22:05:54.658Z

Reserved: 2011-02-10T00:00:00

Link: CVE-2011-0925

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2011-02-28T16:00:01.320

Modified: 2025-04-11T00:51:21.963

Link: CVE-2011-0925

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2011-02-23T00:00:00", "descriptions": [{"lang": "en", "value": "The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco"}, "references": [{"name": "ADV-2011-0513", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2011/0513"}, {"name": "46538", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/46538"}, {"name": "1025118", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1025118"}, {"name": "20110223 ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/516648/100/0/threaded"}, {"name": "cisco-secure-activex-code-execution(65754)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65754"}, {"name": "8108", "tags": ["third-party-advisory", "x_refsource_SREASON"], "url": "http://securityreason.com/securityalert/8108"}, {"tags": ["x_refsource_MISC"], "url": "http://zerodayinitiative.com/advisories/ZDI-11-092/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@cisco.com", "ID": "CVE-2011-0925", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "ADV-2011-0513", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2011/0513"}, {"name": "46538", "refsource": "BID", "url": "http://www.securityfocus.com/bid/46538"}, {"name": "1025118", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1025118"}, {"name": "20110223 ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/516648/100/0/threaded"}, {"name": "cisco-secure-activex-code-execution(65754)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65754"}, {"name": "8108", "refsource": "SREASON", "url": "http://securityreason.com/securityalert/8108"}, {"name": "http://zerodayinitiative.com/advisories/ZDI-11-092/", "refsource": "MISC", "url": "http://zerodayinitiative.com/advisories/ZDI-11-092/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T22:05:54.658Z"}, "title": "CVE Program Container", "references": [{"name": "ADV-2011-0513", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2011/0513"}, {"name": "46538", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/46538"}, {"name": "1025118", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1025118"}, {"name": "20110223 ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/516648/100/0/threaded"}, {"name": "cisco-secure-activex-code-execution(65754)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65754"}, {"name": "8108", "tags": ["third-party-advisory", "x_refsource_SREASON", "x_transferred"], "url": "http://securityreason.com/securityalert/8108"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://zerodayinitiative.com/advisories/ZDI-11-092/"}]}]}, "cveMetadata": {"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2011-0925", "datePublished": "2011-02-28T15:00:00", "dateReserved": "2011-02-10T00:00:00", "dateUpdated": "2024-08-06T22:05:54.658Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:secure_desktop:*:*:*:*:*:*:*:*", "matchCriteriaId": "F91DD0D2-B573-4FE3-933A-02E8F4D35E56", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The CSDWebInstallerCtrl ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) allows remote attackers to download an unintended Cisco program onto a client machine, and execute this program, by identifying a Cisco program with a Cisco digital signature and then renaming this program to inst.exe, a different vulnerability than CVE-2010-0589 and CVE-2011-0926."}, {"lang": "es", "value": "El control CSDWebInstallerCtrl ActiveX en CSDWebInstaller.ocx en Cisco Secure Desktop (CSD) permite a atacantes remotos descargar un programa Cisco no deseado en un equipo cliente, y ejecutar este programa, mediante la identificaci\u00f3n de un programa Cisco con una firma digital Cisco y despu\u00e9s renombrando este programa a inst.exe, una vulnerabilidad diferente que CVE-2010-0589 y CVE-2011-0926."}], "id": "CVE-2011-0925", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2011-02-28T16:00:01.320", "references": [{"source": "psirt@cisco.com", "url": "http://securityreason.com/securityalert/8108"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/archive/1/516648/100/0/threaded"}, {"source": "psirt@cisco.com", "url": "http://www.securityfocus.com/bid/46538"}, {"source": "psirt@cisco.com", "url": "http://www.securitytracker.com/id?1025118"}, {"source": "psirt@cisco.com", "url": "http://www.vupen.com/english/advisories/2011/0513"}, {"source": "psirt@cisco.com", "url": "http://zerodayinitiative.com/advisories/ZDI-11-092/"}, {"source": "psirt@cisco.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65754"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securityreason.com/securityalert/8108"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/516648/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/46538"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1025118"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2011/0513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://zerodayinitiative.com/advisories/ZDI-11-092/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65754"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}