Skip to main content

Cisco Security Agent Outside In Technology File Processing Vulnerabilities

Last Update Date: 28 Oct 2011 15:00 Release Date: 28 Oct 2011 5641 Views

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

TYPE: Security Software & Appliance

Two vulnerabilities identified in Cisco Security Agent, which can be exploited by malicious people to compromise a vulnerable system.

  1. An unspecified error exists in the vswk6.dll and sccut.dll modules when handling Lotus 123 files.
  2. A second unspecified error exists in the vswk6.dll and sccut.dll modules when handling Microsoft CAB or OneNote (".onepkg") files.
     

Impact

  • Remote Code Execution

System / Technologies affected

  • Cisco Security Agent (CSA) 6.x for Windows

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 6.0.2.151.

Vulnerability Identifier


Source


Related Link