Heap Overflow Vulnerability in Progress Software Used by RSA Authentication Manager and SecurID Appliance
CVE-2007-2417

Currently unrated

Key Information:

Vendor: Progress
Status: Openedge; Progress; Ace Server
Vendor: CVE Published:; 15 July 2007

What is CVE-2007-2417?

A heap-based buffer overflow exists in the _mprosrv.exe component of Progress Software's products, such as RSA Authentication Manager and SecurID Appliance. This vulnerability can be exploited by remote attackers sending crafted packets, which may lead to the execution of arbitrary code on the compromised system. Various versions of Progress Software—including Progress 9.1E, OpenEdge 10.1x, and specific versions of RSA Authentication Manager—are susceptible to this issue, which could also potentially affect other products in the same ecosystem. This security concern highlights the importance of keeping software updated and monitoring for intrusion attempts.

References

http://www.vupen.com/english/advisories/2007/2530

vdb-entryx_refsource_VUPEN

http://www.securityfocus.com/archive/1/473623/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.vupen.com/english/advisories/2007/2531

vdb-entryx_refsource_VUPEN

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2007
Vulnerability Reserved
May 1, 2007