Cisco Secure Desktop CVE-2012-4655 Arbitrary Code Execution Vulnerability
Cisco Secure Desktop is prone to a vulnerability that allow attackers to run an arbitrary executable.
An attacker can exploit this issue by using social engineering techniques to coerce unsuspecting users to download and execute arbitrary applications.
Successful exploits will allow an attacker to execute arbitrary code in the context of the user running the web browser. Failed exploit attempts will likely result in a denial-of-service condition.
This issue is tracked by Cisco Bug IDs CSCtz76128 and CSCtz78204.