CVE-2008-0532

CVE Database · CVE-2008-0532

CVE-2008-0532

· N/AModified

CVSS v3.1

N/A

EPSS

57.14%

Published

Mar 14, 2008

Modified

Apr 22, 2026

Public PoC / Exploit (1)

All weaponized →

Exploit-DBCisco User-Changeable Password (UCP) 3.3.4.12.5 - 'CSuserCGI.exe' Multiple Remote Vulnerabilities

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.

Weaknesses (CWE)

CWE-119

Affected Products (3)

cisco · acs_for_windowsvulnerable

cisco · acs_solution_enginevulnerable

cisco · user_changeable_passwordvulnerable

References (18)

http://secunia.com/advisories/29351

PatchVendor Advisory

http://securityreason.com/securityalert/3743

http://securitytracker.com/id?1019608

http://www.cisco.com/en/US/products/products_security_advisory09186a008095f0c4.shtml