CVE-2012-0397
https://notcve.org/view.php?id=CVE-2012-0397
Buffer overflow in EMC RSA SecurID Software Token Converter before 2.6.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
• http://www.securityfocus.com/archive/1/521885
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-4141
https://notcve.org/view.php?id=CVE-2011-4141
Untrusted search path vulnerability in EMC RSA SecurID Software Token 4.1 before 4.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a Software Token file.
• http://archives.neohapsis.com/archives/bugtraq/2011-12/0089.html
• http://secunia.com/advisories/45665
• http://securitytracker.com/id?1026426
• https://exchange.xforce.ibmcloud.com/vulnerabilities/71833
CVE-2007-2417
https://notcve.org/view.php?id=CVE-2007-2417
Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.
• http://dvlabs.tippingpoint.com/advisory/TPTI-07-12
• http://osvdb.org/37934
• http://secunia.com/advisories/26058
• http://secunia.com/advisories/26067
• http://www.securityfocus.com/archive/1/473623/100/0/threaded
• http://www.securityfocus.com/bid/24675
• http://www.securitytracker.com/id?1018389
• http://www.vupen.com/english/advisories/2007/2530
• http://www.vupen.com/english/advisories/2007/2531
• https://exchange.xforce.ibmcloud.com/vulnerabilities/35385
CVE-2005-1471
https://notcve.org/view.php?id=CVE-2005-1471
Heap-based buffer overflow in RSA SecurID Web Agent 5, 5.2, and 5.3 allows remote attackers to execute arbitrary code via crafted chunked-encoding data.
• http://marc.info/?l=full-disclosure&m=111537013104724&w=2
• http://secunia.com/advisories/15222
CVE-2002-0507
https://notcve.org/view.php?id=CVE-2002-0507
An interaction between Microsoft Outlook Web Access (OWA) with RSA SecurID allows local users to bypass the SecurID authentication for a previous user via several submissions of an OWA Authentication request with the proper OWA password for the previous user, which is eventually accepted by OWA.
• http://online.securityfocus.com/archive/1/264705
• http://www.iss.net/security_center/static/8681.php
• http://www.securityfocus.com/bid/4390
• CWE-287: Improper Authentication