CVE-2010-0589

CVE Database · CVE-2010-0589

CVE-2010-0589

· N/AModified

CVSS v3.1

N/A

EPSS

4.76%

Published

Apr 15, 2010

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does not properly verify the signatures of downloaded programs, which allows remote attackers to force the download and execution of arbitrary files via a crafted web page, aka Bug ID CSCta25876.

Weaknesses (CWE)

CWE-20

Affected Products (12)

cisco · secure_desktopvulnerable

References (10)

http://securitytracker.com/id?1023881

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b25d01.shtml

PatchVendor Advisory

http://www.securityfocus.com/bid/39478

http://www.zerodayinitiative.com/advisories/ZDI-10-072/

https://exchange.xforce.ibmcloud.com/vulnerabilities/57812

http://securitytracker.com/id?1023881

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b25d01.shtml

PatchVendor Advisory

http://www.securityfocus.com/bid/39478

http://www.zerodayinitiative.com/advisories/ZDI-10-072/

KEV Catalog EPSS Scores Vendors All CVEs