CVE-2012-0358

Cisco ASA <8.4 - Buffer Overflow

Title source: llm
STIX 2.1

Description

Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165.

References (4)

Core 4
Core References
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/339177
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74027
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026799

Scores

EPSS 0.0618
EPSS Percentile 92.7%

Details

CWE
CWE-119
Status published
Products (49)
cisco/5500_series_adaptive_security_appliance
cisco/adaptive_security_appliance_software 7.0
cisco/adaptive_security_appliance_software 7.0\(0\)
cisco/adaptive_security_appliance_software 7.0\(1\)
cisco/adaptive_security_appliance_software 7.0\(2\)
cisco/adaptive_security_appliance_software 7.0\(4\)
cisco/adaptive_security_appliance_software 7.0\(5\)
cisco/adaptive_security_appliance_software 7.0\(5.2\)
cisco/adaptive_security_appliance_software 7.0\(6\)
cisco/adaptive_security_appliance_software 7.0\(6.7\)
... and 39 more
Published Mar 15, 2012
Tracked Since Feb 18, 2026