[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] ZDI-11-092: (0day) Cisco Secure Desktop CSDWebInstaller ActiveX Control Cleaner.cab Remote Code Execution Vulnerability
- From: psirt@xxxxxxxxx
- Date: Mon, 28 Feb 2011 14:10:00 +0800
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
This is the Cisco PSIRT response to an issue that was discovered and
reported to Cisco by ZDI regarding a vulnerability in Cisco Secure
Desktop.
The original report is available at the following link:
http://www.zerodayinitiative.com/advisories/ZDI-11-092
We greatly appreciate the opportunity to work with researchers on
security vulnerabilities and welcome the opportunity to review and
assist in product reports.
This vulnerability is documented in Cisco bug ID CSCtj03005.
Cisco has published Intellishield alert ID :22528, which is available
at the following link:
http://tools.cisco.com/security/center/viewAlert.x?alertId=22528
Regards
Paul Oxman
PSIRT Incident Manager
poxman@xxxxxxxxx
Phone: +65 6317 7418
Pager: poxman@xxxxxxxxxxxxxxx
Cisco Systems, Inc. Singapore
Cisco.com - http://www.cisco.com/global/SG/
PGP Key: 0x6EA839A6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)
iFcDBQFNazsTQXnnBKKRMNARCEW1AP4xsSRy1Z0DGNzzPvmsqUXUWegY6ys4Sv2q
U4ed7Vmb4wD+JZt15Y0J4tzHnIBPaTI6rCMkqO3cGWrDPXWtcR0FHMg=
=HiD6
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/