CVE-2014-3392

Name of the Vulnerable Software and Affected Versions Cisco ASA Software versions 8.2 through 8.2(5.50) Cisco ASA Software versions 8.3 through 8.3(2.41) Cisco ASA Software versions 8.4 through 8.4(7.22) Cisco ASA Software versions 8.6 through 8.6(1.14) Cisco ASA Software versions 9.0 through 9.0(4.23) Cisco ASA Software versions 9.1 through 9.1(5.11) Cisco ASA Software versions 9.2 through 9.2(2.7) Cisco ASA Software versions 9.3 through 9.3(1.0)

Description The issue allows remote attackers to obtain sensitive information from process memory or modify memory contents via crafted parameters.

Recommendations For versions 8.2 through 8.2(5.50), update to version 8.2(5.51) or later. For versions 8.3 through 8.3(2.41), update to version 8.3(2.42) or later. For versions 8.4 through 8.4(7.22), update to version 8.4(7.23) or later. For versions 8.6 through 8.6(1.14), update to version 8.6(1.15) or later. For versions 9.0 through 9.0(4.23), update to version 9.0(4.24) or later. For versions 9.1 through 9.1(5.11), update to version 9.1(5.12) or later. For versions 9.2 through 9.2(2.7), update to version 9.2(2.8) or later. For versions 9.3 through 9.3(1.0), update to version 9.3(1.1) or later.