CVE-2011-0926

critical Cisco
CVSS v3 Base Score
9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
EPSS Score
4.5%
Exploitation probability in 30 days
Top 11% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C
Published: February 25, 2011 (5556 days ago)
Last Modified: April 29, 2026
Vendor: Cisco
Source: NVD

Description

A certain ActiveX control in CSDWebInstaller.ocx in Cisco Secure Desktop (CSD) does not properly verify the signature of an unspecified downloaded program, which allows remote attackers to execute arbitrary code by spoofing the CSD installation process, a different vulnerability than CVE-2010-0589.

CWE

CWE-20

Affected Products

cisco secure desktop

References

🔗 securityreason.com 🔗 www.securityfocus.com 🔗 www.securityfocus.com 🔗 www.securitytracker.com 🔗 www.vupen.com