CVE-2015-7600 Information

Description

Cisco VPN Client 5.x through 5.0.07.0440 uses weak permissions for vpnclient.ini which allows local users to gain privileges by entering an arbitrary program name in the Command field of the ApplicationLauncher section.

Reference

http://www.securitytracker.com/id/1033750 https://www.nettitude.co.uk/vulnerability-discovered-in-unsupported-cisco-systems-vpn-client/