CVE Vulnerabilities

CVE-2007-4415

Published: Aug 18, 2007 | Modified: Oct 15, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
6.8 MEDIUM
AV:L/AC:L/Au:S/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.

Affected Software

Name Vendor Start Version End Version
Vpn_client Cisco * 5.0.01
Vpn_client Cisco 5.0.01.0600 5.0.01.0600

References