CVE-2005-4734

Currently unrated

Key Information:

Vendor: Rsa
Status: Authentication Agent For Web
Vendor: CVE Published:; 31 December 2005

Summary

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for Web (aka SecurID Web Agent) 5.2 and 5.3 for IIS allows remote attackers to execute arbitrary code via a long url parameter in the Redirect method.

References

http://www.securityfocus.com/bid/26424

vdb-entryx_refsource_BID

https://knowledge.rsasecurity.com/dlcpages/rsa_securid/se...

x_refsource_MISC

http://www.osvdb.org/20151

vdb-entryx_refsource_OSVDB

EPSS Score

72% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Mar 19, 2006
Vulnerability published
Dec 31, 2005