RSA SecurID Software Token < 4.1.1 Insecure Library Loading

The remote Windows host contains a version of RSA SecurID Software Token 3.0, 4.0, or 4.1 earlier than 4.1.1. As such, it is reportedly affected by an insecure library loading vulnerability. If an attacker can trick a user on the affected system into opening a specially crafted Software Token fil...

ESA-2011-039: RSA&#40;r&#41;, The Security Division of EMC, announces security fixes and improvements for RSASecurID&#40;r&#41; Software Token 4.1 for Microsoft&#40;r&#41;Windows&#40;r&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2011-039: RSA®, The Security Division of EMC, announces security fixes and improvements for RSASecurID® Software Token 4.1 for Microsoft®Windows® Advisories Updated December 12, 2011 Summary: RSA, The Security Division of EMC, announces security...

CVE-2011-4141

RSA SecurID Software Token for Windows (4.1 and earlier; affected 4.1.0.545 and earlier) is vulnerable to an insecure library loading/ DLL hijacking via an untrusted search path. The vulnerability allows local privilege escalation when a user opens a specially crafted Software Token file, enablin...

KLA10304 LPE vulnerability in RSA SecurID Software Token

An untrusted path vulnerability was found in the RSA SecurID Software Token. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally via a DLL hijack. Original advisories - Related products RSA-SecurID-Software-Token CVE list CVE-2011-4141...