ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities

ESA-2013-002.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-002: RSA Archer® GRC Multiple Vulnerabilities EMC Identifier: ESA-2013-002 CVE Identifier: CVE-2012-2293, CVE-2012-2292, CVE-2012-1064, CVE-2012-2294 Severity Rating: See below for scores for individual issues Affected...

CVE-2012-1064

CVE-2012-1064 affects EMC RSA Archer GRC 5.x and SmartSuite Framework 4.x; multiple XSS vulnerabilities allowed remote attackers to inject arbitrary script/HTML via unspecified vectors in affected RSA Archer components. The ESA advisory notes fixes in RSA Archer GRC 5.3 and 5.2SP1 (upgrade to 5.3...