CVE-2015-0664

EUVD-2015-0677
The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 22%
Affected Products (NVD)
VendorProductVersion
ciscoanyconnect_secure_mobility_client
𝑥
≤ 4.0\(.00051\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=37861
http://www.securitytracker.com/id/1031932
http://tools.cisco.com/security/center/viewAlert.x?alertId=37861
http://www.securitytracker.com/id/1031932