CVE-2005-4734

🗓️ 19 Mar 2006 23:00:00Reported by mitreType

cve

cve🔗 web.nvd.nist.gov👁 53 Views🌐 WEB

Stack-based buffer overflow in IISWebAgentIF.dll in RSA Authentication Agent for We

Reporter	Title	Published	Views	Family All 11
Circl	CVE-2005-4734	20 Sep 201000:00	–	circl
Check Point Advisories	IIS RSA Authentication Agent for Web Redirect Buffer Overflow (CVE-2005-4734)	22 Nov 200900:00	–	checkpoint_advisories
Cvelist	CVE-2005-4734	19 Mar 200623:00	–	cvelist
Exploit DB	Microsoft IIS - ISAPI RSA WebAgent Redirect Overflow (Metasploit)	20 Sep 201000:00	–	exploitdb
Metasploit	Microsoft IIS ISAPI RSA WebAgent Redirect Overflow	26 Dec 200514:34	–	metasploit
NVD	CVE-2005-4734	31 Dec 200505:00	–	nvd
Packet Storm	Microsoft IIS ISAPI RSA WebAgent Redirect Overflow	26 Nov 200900:00	–	packetstorm
Saint	RSA SecurID Web Agent for IIS redirect buffer overflow	30 Nov 200500:00	–	saint
Saint	RSA SecurID Web Agent for IIS redirect buffer overflow	30 Nov 200500:00	–	saint
Saint	RSA SecurID Web Agent for IIS redirect buffer overflow	30 Nov 200500:00	–	saint

NVD

Node

rsa authentication_agent_for_webMatch5.2

OR

rsa authentication_agent_for_webMatch5.3

Source	Link
secunia	www.secunia.com/advisories/17281
securityfocus	www.securityfocus.com/bid/26424
knowledge	www.knowledge.rsasecurity.com/dlcpages/rsa_securid/securid_dlc_aaweb.asp
metasploit	www.metasploit.com/projects/Framework/exploits.html
osvdb	www.osvdb.org/20151

Parameter	Position	Path	Description	CWE
url	query param	WebID/IISWebAgentIF.dll	Overflow via Redirect?url parameter in RSA WebAgentIF.dll (IIS) allows remote code execution.	CWE-787
image	query param	WebID/IISWebAgentIF.dll	Check request GetPic?image=msf used in vulnerability verification (same endpoint context).	CWE-787

16 Apr 2026 00:27Current

8High risk

Vulners AI Score8

CVSS 26.4

EPSS0.7245

cve-2005-4734 buffer overflow iis rsa authentication agent securid web agent remote code execution nvd