CVE-2007-4415

Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.

Severity	MEDIUM
CVSS	6.8
CWE	NVD-CWE-Other
KEV
Published	18 years ago
Modified	3 weeks ago

Related Products

Product	Advisory	Evidence
Cisco VPN Client for Windows	cisco-sa-20070815-vpnclient	Cisco OpenVuln