Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1422

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1422
Last Modified 21 Sep 2011 11:30:12
Published 22 Apr 2011 06:55:02
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1422

Summary

Cross-site scripting (XSS) vulnerability in an unspecified Shockwave Flash file in EMC RSA Adaptive Authentication On-Premise (AAOP) 2.x, 5.7.x, and 6.x allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

Vulnerable Systems

Application

  • Emc Rsa Adaptive Authentication On-premise 2.0

  • Emc Rsa Adaptive Authentication On-premise 5.7.0

  • Emc Rsa Adaptive Authentication On-premise 5.7.2

  • Emc Rsa Adaptive Authentication On-premise 5.7.3

  • Emc Rsa Adaptive Authentication On-premise 6.0

  • Emc Rsa Adaptive Authentication On-premise 6.0.2.1


References

VUPEN - ADV-2011-1026

BID - 47408

BUGTRAQ - 20110418 ESA-2011-014: RSA, The Security Division of EMC, announces the release of Adaptive Authentication (On-Premise) Flash File Security Patch

SECTRACK - 1025382

SREASON - 8215

SECUNIA - 44236


Last Updated: 27 May 2016 10:56:19