3 matches found
CVE-2013-0941
CVE-2013-0941 affects RSA/SecurID components. The node secret in affected products is stored using a dated encryption algorithm with a weak key, exposing confidentiality and integrity risk for local communications between RSA/Access Manager components. Affected: RSA Authentication API up to 8.1 S...
CVE-2008-2026
The CVE-2008-2026 issue affects RSA Security's WebID IISWebAgentIF.dll in the RSA Authentication Agent for Web, version 5.3.0.258 and older than 5.3.3.378. Root cause is insufficient filtering of the postdata parameter, enabling remote XSS via a URL-encoded postdata value. An exploit example exis...
CVE-2008-2027
The CVE-2008-2027 entry describes an Open Redirect vulnerability in RSA Authentication Agent 5.3.0.258 for Web for IIS, specifically within WebID/IISWebAgentIF.dll. The vulnerability allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks when a crafted ftp U...