CVE-2012-0358: Buffer Overflow
First published: Thu Mar 15 2012(Updated: )
Buffer overflow in the Cisco Port Forwarder ActiveX control in cscopf.ocx, as distributed through the Clientless VPN feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 through 7.2 before 7.2(5.6), 8.0 before 8.0(5.26), 8.1 before 8.1(2.53), 8.2 before 8.2(5.18), 8.3 before 8.3(2.28), 8.2 before 8.4(2.16), and 8.6 before 8.6(1.1), allows remote attackers to execute arbitrary code via unspecified vectors, aka Bug ID CSCtr00165.
Credit: ykramarz@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Adaptive Security Appliance Software | =7.0 | |
| Cisco Adaptive Security Appliance Software | =7.0\(0\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(5.2\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(6.7\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(7\) | |
| Cisco Adaptive Security Appliance Software | =7.0\(8\) | |
| Cisco Adaptive Security Appliance Software | =7.0.1 | |
| Cisco Adaptive Security Appliance Software | =7.0.1.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.2 | |
| Cisco Adaptive Security Appliance Software | =7.0.4 | |
| Cisco Adaptive Security Appliance Software | =7.0.4.3 | |
| Cisco Adaptive Security Appliance Software | =7.0.5 | |
| Cisco Adaptive Security Appliance Software | =7.0.6 | |
| Cisco Adaptive Security Appliance Software | =7.0.7 | |
| Cisco Adaptive Security Appliance Software | =7.0.8 | |
| Cisco Adaptive Security Appliance Software | =7.0.8-interim | |
| Cisco Adaptive Security Appliance Software | =7.1 | |
| Cisco Adaptive Security Appliance Software | =7.1\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.27\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(2.49\) | |
| Cisco Adaptive Security Appliance Software | =7.1\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.1.1 | |
| Cisco Adaptive Security Appliance Software | =7.1.2 | |
| Cisco Adaptive Security Appliance Software | =7.2 | |
| Cisco Adaptive Security Appliance Software | =7.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(1.22\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.5\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.7\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.8\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.10\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.14\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.15\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.16\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.17\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.18\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.19\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(2.48\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(3\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(4\) | |
| Cisco Adaptive Security Appliance Software | =7.2\(5\) | |
| Cisco Adaptive Security Appliance Software | =7.2.1 | |
| Cisco Adaptive Security Appliance Software | =7.2.2 | |
| Cisco Adaptive Security Appliance Software | =7.2.3 | |
| Cisco Adaptive Security Appliance Software | =7.2.4 | |
| Cisco Adaptive Security Appliance Software | =7.2.5 | |
| Cisco Adaptive Security Appliance Software | =8.0 | |
| Cisco Adaptive Security Appliance Software | =8.0\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(4\) | |
| Cisco Adaptive Security Appliance Software | =8.0\(5\) | |
| Cisco Adaptive Security Appliance Software | =8.0.2 | |
| Cisco Adaptive Security Appliance Software | =8.0.3 | |
| Cisco Adaptive Security Appliance Software | =8.0.4 | |
| Cisco Adaptive Security Appliance Software | =8.0.5 | |
| Cisco Adaptive Security Appliance Software | =8.1 | |
| Cisco Adaptive Security Appliance Software | =8.2\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(3.9\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4.1\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(4.4\) | |
| Cisco Adaptive Security Appliance Software | =8.2\(5\) | |
| Cisco Adaptive Security Appliance Software | =8.2.1 | |
| Cisco Adaptive Security Appliance Software | =8.2.2 | |
| Cisco Adaptive Security Appliance Software | =8.2.2-interim | |
| Cisco Adaptive Security Appliance Software | =8.2.3 | |
| Cisco Adaptive Security Appliance Software | =8.3\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.3\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.3.1 | |
| Cisco Adaptive Security Appliance Software | =8.3.1-interim | |
| Cisco Adaptive Security Appliance Software | =8.3.2 | |
| Cisco Adaptive Security Appliance Software | =8.4 | |
| Cisco Adaptive Security Appliance Software | =8.4\(1\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(1.11\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(2\) | |
| Cisco Adaptive Security Appliance Software | =8.4\(2.11\) | |
| Cisco Adaptive Security Appliance Software | =8.5 | |
| Cisco Adaptive Security Appliance Software | =8.6 | |
| Cisco Adaptive Security Appliance Software | =8.6\(1\) | |
| Cisco Adaptive Security Appliance 5500 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2012-0358?
CVE-2012-0358 has a CVSS score of 7.8, indicating it is of high severity.
How do I fix CVE-2012-0358?
To mitigate CVE-2012-0358, upgrade to the latest version of Cisco Adaptive Security Appliance software that addresses this vulnerability.
What is the vulnerability type of CVE-2012-0358?
CVE-2012-0358 is categorized as a buffer overflow vulnerability affecting the Cisco Port Forwarder ActiveX control.
Which Cisco products are affected by CVE-2012-0358?
CVE-2012-0358 impacts Cisco Adaptive Security Appliances (ASA) 5500 series devices running specific versions from 7.0 to 8.6.
Is there any workaround for CVE-2012-0358?
Until a patch is applied, users can disable or restrict access to the vulnerable ActiveX control to minimize risk.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- vendor/cisco
- canonical/cisco adaptive security appliance software
- version/cisco adaptive security appliance software/7.0
- version/cisco adaptive security appliance software/7.0\(0\)
- version/cisco adaptive security appliance software/7.0\(1\)
- version/cisco adaptive security appliance software/7.0\(2\)
- version/cisco adaptive security appliance software/7.0\(4\)
- version/cisco adaptive security appliance software/7.0\(5\)
- version/cisco adaptive security appliance software/7.0\(5.2\)
- version/cisco adaptive security appliance software/7.0\(6\)
- version/cisco adaptive security appliance software/7.0\(6.7\)
- version/cisco adaptive security appliance software/7.0\(7\)
- version/cisco adaptive security appliance software/7.0\(8\)
- version/cisco adaptive security appliance software/7.0.1
- version/cisco adaptive security appliance software/7.0.1.4
- version/cisco adaptive security appliance software/7.0.2
- version/cisco adaptive security appliance software/7.0.4
- version/cisco adaptive security appliance software/7.0.4.3
- version/cisco adaptive security appliance software/7.0.5
- version/cisco adaptive security appliance software/7.0.6
- version/cisco adaptive security appliance software/7.0.7
- version/cisco adaptive security appliance software/7.0.8
- version/cisco adaptive security appliance software/7.0.8-interim
- version/cisco adaptive security appliance software/7.1
- version/cisco adaptive security appliance software/7.1\(2\)
- version/cisco adaptive security appliance software/7.1\(2.5\)
- version/cisco adaptive security appliance software/7.1\(2.27\)
- version/cisco adaptive security appliance software/7.1\(2.48\)
- version/cisco adaptive security appliance software/7.1\(2.49\)
- version/cisco adaptive security appliance software/7.1\(5\)
- version/cisco adaptive security appliance software/7.1.1
- version/cisco adaptive security appliance software/7.1.2
- version/cisco adaptive security appliance software/7.2
- version/cisco adaptive security appliance software/7.2\(1\)
- version/cisco adaptive security appliance software/7.2\(1.22\)
- version/cisco adaptive security appliance software/7.2\(2\)
- version/cisco adaptive security appliance software/7.2\(2.5\)
- version/cisco adaptive security appliance software/7.2\(2.7\)
- version/cisco adaptive security appliance software/7.2\(2.8\)
- version/cisco adaptive security appliance software/7.2\(2.10\)
- version/cisco adaptive security appliance software/7.2\(2.14\)
- version/cisco adaptive security appliance software/7.2\(2.15\)
- version/cisco adaptive security appliance software/7.2\(2.16\)
- version/cisco adaptive security appliance software/7.2\(2.17\)
- version/cisco adaptive security appliance software/7.2\(2.18\)
- version/cisco adaptive security appliance software/7.2\(2.19\)
- version/cisco adaptive security appliance software/7.2\(2.48\)
- version/cisco adaptive security appliance software/7.2\(3\)
- version/cisco adaptive security appliance software/7.2\(4\)
- version/cisco adaptive security appliance software/7.2\(5\)
- version/cisco adaptive security appliance software/7.2.1
- version/cisco adaptive security appliance software/7.2.2
- version/cisco adaptive security appliance software/7.2.3
- version/cisco adaptive security appliance software/7.2.4
- version/cisco adaptive security appliance software/7.2.5
- version/cisco adaptive security appliance software/8.0
- version/cisco adaptive security appliance software/8.0\(2\)
- version/cisco adaptive security appliance software/8.0\(3\)
- version/cisco adaptive security appliance software/8.0\(4\)
- version/cisco adaptive security appliance software/8.0\(5\)
- version/cisco adaptive security appliance software/8.0.2
- version/cisco adaptive security appliance software/8.0.3
- version/cisco adaptive security appliance software/8.0.4
- version/cisco adaptive security appliance software/8.0.5
- version/cisco adaptive security appliance software/8.1
- version/cisco adaptive security appliance software/8.2\(1\)
- version/cisco adaptive security appliance software/8.2\(2\)
- version/cisco adaptive security appliance software/8.2\(3\)
- version/cisco adaptive security appliance software/8.2\(3.9\)
- version/cisco adaptive security appliance software/8.2\(4\)
- version/cisco adaptive security appliance software/8.2\(4.1\)
- version/cisco adaptive security appliance software/8.2\(4.4\)
- version/cisco adaptive security appliance software/8.2\(5\)
- version/cisco adaptive security appliance software/8.2.1
- version/cisco adaptive security appliance software/8.2.2
- version/cisco adaptive security appliance software/8.2.2-interim
- version/cisco adaptive security appliance software/8.2.3
- version/cisco adaptive security appliance software/8.3\(1\)
- version/cisco adaptive security appliance software/8.3\(2\)
- version/cisco adaptive security appliance software/8.3.1
- version/cisco adaptive security appliance software/8.3.1-interim
- version/cisco adaptive security appliance software/8.3.2
- version/cisco adaptive security appliance software/8.4
- version/cisco adaptive security appliance software/8.4\(1\)
- version/cisco adaptive security appliance software/8.4\(1.11\)
- version/cisco adaptive security appliance software/8.4\(2\)
- version/cisco adaptive security appliance software/8.4\(2.11\)
- version/cisco adaptive security appliance software/8.5
- version/cisco adaptive security appliance software/8.6
- version/cisco adaptive security appliance software/8.6\(1\)
- canonical/cisco adaptive security appliance 5500