Description
Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165.
References (4)
Core 4
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/339177
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120314-asaclient
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/74027
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1026799
Scores
EPSS
0.0618
EPSS Percentile
92.7%
Details
CWE
CWE-119
Status
published
Products (49)
cisco/5500_series_adaptive_security_appliance
cisco/adaptive_security_appliance_software
7.0
cisco/adaptive_security_appliance_software
7.0\(0\)
cisco/adaptive_security_appliance_software
7.0\(1\)
cisco/adaptive_security_appliance_software
7.0\(2\)
cisco/adaptive_security_appliance_software
7.0\(4\)
cisco/adaptive_security_appliance_software
7.0\(5\)
cisco/adaptive_security_appliance_software
7.0\(5.2\)
cisco/adaptive_security_appliance_software
7.0\(6\)
cisco/adaptive_security_appliance_software
7.0\(6.7\)
... and 39 more
Published
Mar 15, 2012
Tracked Since
Feb 18, 2026