CVE-2015-0664

The IPC channel in Cisco AnyConnect Secure Mobility Client 4.0(.00051) and earlier allows local users to write to arbitrary userspace memory locations, and consequently gain privileges, via crafted messages, aka Bug ID CSCus79195.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
LOCAL
LOW
AV:L/AC:L/Au:S/C:P/I:P/A:P
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
VendorProductVersion
ciscoanyconnect_secure_mobility_client
𝑥
≤ 4.0\(.00051\)
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://tools.cisco.com/security/center/viewAlert.x?alertId=37861
http://www.securitytracker.com/id/1031932
http://tools.cisco.com/security/center/viewAlert.x?alertId=37861
http://www.securitytracker.com/id/1031932