Untrusted Search Path Vulnerability in EMC RSA SecurID Software Token
CVE-2011-4141

Currently unrated

Key Information:

Vendor: Rsa
Status: Securid
Vendor: CVE Published:; 17 December 2011

What is CVE-2011-4141?

The untrusted search path vulnerability in the RSA SecurID Software Token allows local users to escalate privileges by executing a Trojan horse DLL from the current working directory. This can result in unauthorized access to sensitive data and security features if the Software Token file is present in a directory compromised by an attacker.

References

http://archives.neohapsis.com/archives/bugtraq/2011-12/00...

mailing-listx_refsource_BUGTRAQ

http://secunia.com/advisories/45665

third-party-advisoryx_refsource_SECUNIA

http://securitytracker.com/id?1026426

vdb-entryx_refsource_SECTRACK

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 17, 2011
Vulnerability Reserved
Oct 19, 2011

Rsa

What is CVE-2011-4141?

References

Timeline