Privilege Escalation Vulnerability in Cisco VPN Client for Windows
CVE-2006-2679

Currently unrated

Key Information:

Vendor: Cisco
Status: Vpn Client
Vendor: CVE Published:; 31 May 2006

What is CVE-2006-2679?

An unspecified vulnerability exists in the graphical user interface (GUI) of the VPN Client for Windows that allows local authenticated users to potentially gain elevated privileges. The issue is related to the privileges of dialog boxes within the application, which may allow attackers with access to the system to exploit this flaw. This affects versions of the Cisco VPN Client for Windows prior to 4.8.00, except for the specific version 4.7.00.0533.

References

http://securitytracker.com/id?1016156

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/1964

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/26632

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 31, 2006
Vulnerability Reserved
May 30, 2006