CVE-2013-5559

Cisco AnyConnect Secure Mobility Client 2.x - Remote Code Execution via Crafted HTML Document

Title source: llm
STIX 2.1

Description

Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.

References (1)

Core 1
Core References

Scores

EPSS 0.0203
EPSS Percentile 78.8%

Details

CWE
CWE-119
Status published
Products (42)
cisco/anyconnect_secure_mobility_client 2.0
cisco/anyconnect_secure_mobility_client 2.1
cisco/anyconnect_secure_mobility_client 2.2
cisco/anyconnect_secure_mobility_client 2.2.128
cisco/anyconnect_secure_mobility_client 2.2.133
cisco/anyconnect_secure_mobility_client 2.2.136
cisco/anyconnect_secure_mobility_client 2.2.140
cisco/anyconnect_secure_mobility_client 2.3
cisco/anyconnect_secure_mobility_client 2.3.185
cisco/anyconnect_secure_mobility_client 2.3.254
... and 32 more
Published Nov 04, 2013
Tracked Since Feb 18, 2026