CVE-2007-4415

N/A Unknown

Published: August 18, 2007 Modified: April 23, 2026

Description

Cisco VPN Client on Windows before 5.0.01.0600, and the 5.0.01.0600 InstallShield (IS) release, uses weak permissions for cvpnd.exe (Modify granted to Interactive Users), which allows local users to gain privileges via a modified cvpnd.exe.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://secunia.com/advisories/26459

Source: cve@mitre.org

Patch Vendor Advisory

http://securityreason.com/securityalert/3023

Source: cve@mitre.org

http://securitytracker.com/id?1018573

Source: cve@mitre.org

Patch

http://www.cisco.com/warp/public/707/cisco-sa-20070815-vpnclient.shtml

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/476812/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/25332

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2007/2903

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36032

Source: cve@mitre.org

http://secunia.com/advisories/26459