Remote Code Execution in Cisco Show and Share Product
CVE-2011-2585

Currently unrated

Key Information:

Vendor: Cisco
Status: Show And Share
Vendor: CVE Published:; 20 October 2011

What is CVE-2011-2585?

A vulnerability in Cisco Show and Share allows remote authenticated users to exploit video upload privileges, enabling them to upload and execute arbitrary code. Affected versions include 5(2), 5.2(1), and 5.2(2), prior to 5.2(2.1). This security weakness, identified as Bug ID CSCto69857, highlights the importance of restricting user permissions and validating file uploads.

References

http://www.securityfocus.com/bid/50285

vdb-entryx_refsource_BID

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 20, 2011
Vulnerability Reserved
Jun 27, 2011