Cisco AnyConnect Secure Mobility Client 3.1.08009 Privilege Elevation
https://packetstormsecurity.com/files/133876/GS20151006010911.tgz
https://packetstormsecurity.com/files/133876/GS20151006010911.tgzhttps://packetstormsecurity.com/files/133876/Cisco-AnyConnect-Secure-Mobility-Client-3.1.08009-Privilege-Elevation.htmlTue, 06 Oct 2015 00:30:33 GMTCisco AnyConnect Secure Mobility Client version 3.1.08009 suffers from a privilege escalation vulnerability. The fix for CVE-2015-4211 is insufficient which allows a local application to elevate to local system through the CMainThread::launchDownloader command.