CVE-2013-5559
Cisco AnyConnect Secure Mobility Client 2.x - Remote Code Execution via Crafted HTML Document
Title source: llmDescription
Buffer overflow in the Active Template Library (ATL) framework in the VPNAPI COM module in Cisco AnyConnect Secure Mobility Client 2.x allows user-assisted remote attackers to execute arbitrary code via a crafted HTML document, aka Bug ID CSCuj58139.
References (1)
Core 1
Core References
Vendor Advisory vendor-advisory
x_refsource_cisco
http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-5559
Scores
EPSS
0.0203
EPSS Percentile
78.8%
Details
CWE
CWE-119
Status
published
Products (42)
cisco/anyconnect_secure_mobility_client
2.0
cisco/anyconnect_secure_mobility_client
2.1
cisco/anyconnect_secure_mobility_client
2.2
cisco/anyconnect_secure_mobility_client
2.2.128
cisco/anyconnect_secure_mobility_client
2.2.133
cisco/anyconnect_secure_mobility_client
2.2.136
cisco/anyconnect_secure_mobility_client
2.2.140
cisco/anyconnect_secure_mobility_client
2.3
cisco/anyconnect_secure_mobility_client
2.3.185
cisco/anyconnect_secure_mobility_client
2.3.254
... and 32 more
Published
Nov 04, 2013
Tracked Since
Feb 18, 2026