HIGH🇵🇱 Wersja polska

CVE-2018-1232

CVSS 7.5v3.0pub. 2018-03-30upd. 2024-11-21

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Rsa Authentication Agent For Web

    APP
    Rsa
    ≤ 8.0.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2017-14377CRITICAL9.8ten sam produkt

EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apac...

CVE-2018-1234MEDIUM5.5ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access contr...

CVE-2018-1233MEDIUM6.1ten sam produkt

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by ...

CVE-2010-3261MEDIUM5.0ten sam produkt

Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote attackers to...

CVE-2005-4734MEDIUM6.4ten sam produkt

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5...