RSS   Vulnerabilities for 'Secure enterprise client'   RSS

2023-12-09
 
CVE-2023-28868

CWE-59
 

 
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to delete arbitrary files on the operating system by creating a symbolic link.

 
 
CVE-2023-28869

CWE-59
 

 
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers read the contents of arbitrary files on the operating system by creating a symbolic link.

 
 
CVE-2023-28870

CWE-276
 

 
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts.

 
 
CVE-2023-28871

CWE-59
 

 
Support Assistant in NCP Secure Enterprise Client before 12.22 allows attackers to read registry information of the operating system by creating a symbolic link.

 
2020-07-28
 
CVE-2020-11474

CWE-59
 

 
NCP Secure Enterprise Client before 10.15 r47589 allows a symbolic link attack on enumusb.reg via Support Assistant.

 
2012-09-06
 
CVE-2010-5203

 

 
Multiple untrusted search path vulnerabilities in NCP Secure Enterprise Client before 9.21 Build 68, Secure Entry Client before 9.23 Build 18, and Secure Client - Juniper Edition before 9.23 Build 18 allow local users to gain privileges via a Trojan horse (1) dvccsabase002.dll, (2) conman.dll, (3) kmpapi32.dll, or (4) ncpmon2.dll file in the current working directory, as demonstrated by a directory that contains a .pcf or .spd file. NOTE: some of these details are obtained from third party information.

 

 >>> Vendor: Ncp-e 4 Products
Secure client
Secure enterprise client
Secure entry client
Ncp secure entry client


Copyright 2024, cxsecurity.com

 

Back to Top