Vulnerability CVE-2006-5807


Published: 2006-11-08   Modified: 2012-02-12

Description:
Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".

CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
4.6/10
6.4/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial
Affected software
Cisco -> Secure desktop 

 References:
http://xforce.iss.net/xforce/xfdb/30130
http://www.vupen.com/english/advisories/2006/4409
http://www.securityfocus.com/bid/20964
http://www.cisco.com/warp/public/707/cisco-sa-20061108-csd.shtml
http://securitytracker.com/id?1017195
http://secunia.com/advisories/22747
http://www.osvdb.org/30307

Copyright 2024, cxsecurity.com

 

Back to Top