VYPR

User Changeable Password

by Cisco Systems, Inc.

CVEs (2)

  • CVE-2008-0532Mar 14, 2008
    risk 0.08cvss epss 0.57

    Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after…

  • CVE-2008-0533Mar 14, 2008
    risk 0.05cvss epss 0.29

    Multiple cross-site scripting (XSS) vulnerabilities in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to inject arbitrary web script or HTML via an…