CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2039

The helper application in Cisco AnyConnect Secure Mobility Client (formerly AnyConnect VPN Client) before 2.3.185 on Windows, and on Windows Mobile, downloads a client executable file (vpndownloader.exe) without verifying its authenticity, which allows remote attackers to execute arbitrary code via the url property to a certain ActiveX control in vpnweb.ocx, aka Bug ID CSCsy00904.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.853

EPSS Ranking 99.3%

CVSS Severity

CVSS v2 Score 7.6

References

Products affected by CVE-2011-2039

Cisco » Anyconnect Secure Mobility Client » Version: N/A

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:-
Cisco » Anyconnect Secure Mobility Client » Version: 2.0

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.0
Cisco » Anyconnect Secure Mobility Client » Version: 2.1

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.1
Cisco » Anyconnect Secure Mobility Client » Version: 2.2

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.128

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.128
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.133

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.133
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.136

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.136
Cisco » Anyconnect Secure Mobility Client » Version: 2.2.140

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.2.140
Cisco » Anyconnect Secure Mobility Client » Version: 2.3

cpe:2.3:a:cisco:anyconnect_secure_mobility_client:2.3
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-
Microsoft » Windows » Version: 1.0

cpe:2.3:o:microsoft:windows:1.0
Microsoft » Windows » Version: 2.0

cpe:2.3:o:microsoft:windows:2.0
Microsoft » Windows » Version: 2000

cpe:2.3:o:microsoft:windows:2000
Microsoft » Windows » Version: 3.0

cpe:2.3:o:microsoft:windows:3.0
Microsoft » Windows » Version: 3.1

cpe:2.3:o:microsoft:windows:3.1
Microsoft » Windows » Version: 3.11

cpe:2.3:o:microsoft:windows:3.11
Microsoft » Windows » Version: server_2008

cpe:2.3:o:microsoft:windows:server_2008
Microsoft » Windows » Version: vista

cpe:2.3:o:microsoft:windows:vista
Microsoft » Windows Mobile » Version: N/A

cpe:2.3:o:microsoft:windows_mobile:-
Microsoft » Windows Mobile » Version: 2003

cpe:2.3:o:microsoft:windows_mobile:2003
Microsoft » Windows Mobile » Version: 2003_se

cpe:2.3:o:microsoft:windows_mobile:2003_se
Microsoft » Windows Mobile » Version: 2005

cpe:2.3:o:microsoft:windows_mobile:2005
Microsoft » Windows Mobile » Version: 5.0

cpe:2.3:o:microsoft:windows_mobile:5.0
Microsoft » Windows Mobile » Version: 6.0

cpe:2.3:o:microsoft:windows_mobile:6.0
Microsoft » Windows Mobile » Version: 6.1

cpe:2.3:o:microsoft:windows_mobile:6.1
Microsoft » Windows Mobile » Version: 6.5

cpe:2.3:o:microsoft:windows_mobile:6.5
Microsoft » Windows Mobile » Version: 8.0

cpe:2.3:o:microsoft:windows_mobile:8.0
Microsoft » Windows Mobile » Version: 8.1

cpe:2.3:o:microsoft:windows_mobile:8.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-2039

Products

Pricing

Contact Us