Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2015-6305

Untrusted search path vulnerability in the CMainThread::launchDownloader function in vpndownloader.exe in Cisco AnyConnect Secure Mobility Client 2.0 through 4.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by dbghelp.dll, aka Bug ID CSCuv01279. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4211.

  • Published: Sep 26, 2015
  • Updated: Apr 13, 2023
  • CVE: CVE-2015-6305
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
cisco / anyconnect_secure_mobility_client 2.0.0343 2.0.0343.x
cisco / anyconnect_secure_mobility_client 2.1.0.148 2.1.0.148.x
cisco / anyconnect_secure_mobility_client 2.2.0133 2.2.0133.x
cisco / anyconnect_secure_mobility_client 2.2.0136 2.2.0136.x
cisco / anyconnect_secure_mobility_client 2.2.0140 2.2.0140.x
cisco / anyconnect_secure_mobility_client 2.3.0185 2.3.0185.x
cisco / anyconnect_secure_mobility_client 2.3.0254 2.3.0254.x
cisco / anyconnect_secure_mobility_client 2.3.1003 2.3.1003.x
cisco / anyconnect_secure_mobility_client 2.3.2016 2.3.2016.x
cisco / anyconnect_secure_mobility_client 2.4.0202 2.4.0202.x
cisco / anyconnect_secure_mobility_client 2.4.1012 2.4.1012.x
cisco / anyconnect_secure_mobility_client 2.5.0217 2.5.0217.x
cisco / anyconnect_secure_mobility_client 2.5.2006 2.5.2006.x
cisco / anyconnect_secure_mobility_client 2.5.2010 2.5.2010.x
cisco / anyconnect_secure_mobility_client 2.5.2011 2.5.2011.x
cisco / anyconnect_secure_mobility_client 2.5.2014 2.5.2014.x
cisco / anyconnect_secure_mobility_client 2.5.2017 2.5.2017.x
cisco / anyconnect_secure_mobility_client 2.5.2018 2.5.2018.x
cisco / anyconnect_secure_mobility_client 2.5.2019 2.5.2019.x
cisco / anyconnect_secure_mobility_client 2.5.3041 2.5.3041.x
cisco / anyconnect_secure_mobility_client 2.5.3046 2.5.3046.x
cisco / anyconnect_secure_mobility_client 2.5.3051 2.5.3051.x
cisco / anyconnect_secure_mobility_client 2.5.3054 2.5.3054.x
cisco / anyconnect_secure_mobility_client 2.5.3055 2.5.3055.x
cisco / anyconnect_secure_mobility_client 2.5_base 2.5_base.x
cisco / anyconnect_secure_mobility_client 3.0.0 3.0.0.x
cisco / anyconnect_secure_mobility_client 3.0.0629 3.0.0629.x
cisco / anyconnect_secure_mobility_client 3.0.1047 3.0.1047.x
cisco / anyconnect_secure_mobility_client 3.0.2052 3.0.2052.x
cisco / anyconnect_secure_mobility_client 3.0.3050 3.0.3050.x
cisco / anyconnect_secure_mobility_client 3.0.3054 3.0.3054.x
cisco / anyconnect_secure_mobility_client 3.0.4235 3.0.4235.x
cisco / anyconnect_secure_mobility_client 3.0.5075 3.0.5075.x
cisco / anyconnect_secure_mobility_client 3.0.5080 3.0.5080.x
cisco / anyconnect_secure_mobility_client 3.0.09231 3.0.09231.x
cisco / anyconnect_secure_mobility_client 3.0.09266 3.0.09266.x
cisco / anyconnect_secure_mobility_client 3.0.09353 3.0.09353.x
cisco / anyconnect_secure_mobility_client 3.1(60) 3.1(60).x
cisco / anyconnect_secure_mobility_client 3.1.0 3.1.0.x
cisco / anyconnect_secure_mobility_client 3.1.02043 3.1.02043.x
cisco / anyconnect_secure_mobility_client 3.1.05182 3.1.05182.x
cisco / anyconnect_secure_mobility_client 3.1.05187 3.1.05187.x
cisco / anyconnect_secure_mobility_client 3.1.06073 3.1.06073.x
cisco / anyconnect_secure_mobility_client 3.1.07021 3.1.07021.x
cisco / anyconnect_secure_mobility_client 4.0(48) 4.0(48).x
cisco / anyconnect_secure_mobility_client 4.0(64) 4.0(64).x
cisco / anyconnect_secure_mobility_client 4.0(2049) 4.0(2049).x
cisco / anyconnect_secure_mobility_client 4.0.0 4.0.0.x
cisco / anyconnect_secure_mobility_client 4.0.00048 4.0.00048.x
cisco / anyconnect_secure_mobility_client 4.0.00051 4.0.00051.x
cisco / anyconnect_secure_mobility_client 4.1.0 4.1.0.x