CVE-2024-47856

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

EUVD-2024-55101

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to path interception if the path has one or more spaces and is not surrounded by quotation marks. An adversary can place an executable in a higher-level directory of the path, and Windows will resolve tha...

CVE-2024-47856

RSA Authentication Agent (before 7.4.7) is affected by a path interception flaw in Windows: if a service/shortcut path contains spaces and is not quoted, an attacker could place an executable in a higher-level directory, causing Windows to execute the unintended file. This has been documented acr...

RSA Authentication Agent 安全漏洞

RSA Authentication Agent is a remote access request authentication software from RSA Corporation. A security vulnerability exists in RSA Authentication Agent versions prior to 7.4.7 that stems from a path interception issue that could lead to the execution of an unexpected executable file...

EUVD-2018-11866

Malware in sbrugna...

EUVD-2008-2024

Malware in sbrugna...

EUVD-2005-1121

Malware in sbrugna...

EUVD-2013-3217

Malware in sbrugna...

EUVD-2005-3328

Malware in sbrugna...

EUVD-2013-3208

Malware in sbrugna...

EUVD-2008-2023

Malware in sbrugna...

EUVD-2017-5881

Malware in sbrugna...

EUVD-2008-1474

Malware in sbrugna...

CVE-2013-0931

EMC RSA Authentication Agent 7.1.x before 7.1.2 on Windows does not enforce the Quick PIN Unlock timeout feature, which allows physically proximate attackers to bypass the passcode requirement for a screensaved session by entering a PIN after timeout expiration...

CVE-2013-0942

Cross-site scripting XSS vulnerability in EMC RSA Authentication Agent 7.1 before 7.1.1 for Web for Internet Information Services, and 7.1 before 7.1.1 for Web for Apache, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2013-3280

EMC RSA Authentication Agent 7.1.x before 7.1.2 for Web for Internet Information Services has a fail-open design, which allows remote attackers to bypass intended access restrictions via vectors that trigger an agent crash...

CVE-2013-3271

EMC RSA Authentication Agent for PAM 7.0 before 7.0.2.1 enforces the maximum number of login attempts within the PAM-enabled application codebase, instead of within the Agent codebase, which makes it easier for remote attackers to discover correct login credentials via a brute-force attack...

K56231955: RSA Authentication Agent vulnerabilities CVE-2018-1232, CVE-2018-1233, and CVE-2018-1234

Security Advisory Description CVE-2018-1232 RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit...

RSA Authentication Agent (IIS) < 8.0.2 Multiple Vulnerabilities

RSA Authentication Agent for IIS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

RSA Authentication Agent for Web for IIS 8.x < 8.0.2 Multiple Vulnerabilities

The version of RSA Authentication Agent for Web for IIS is 8.x prior to 8.0.2. It is, therefore, affected by multiple vulnerabilities. C Tenable Network Security, Inc. include'compat.inc'; if description scriptid108889; scriptversion"1.5"; scriptsetattributeattribute:"pluginmodificationdate",...