Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-2740

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-2740
Last Modified 16 Feb 2012 11:08:00
Published 09 Nov 2011 06:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-2740

Summary

EMC RSA Key Manager (RKM) Appliance 2.7 SP1 before 2.7.1.6, when Firefox 4.x or 5.0 is used, does not properly terminate a user session upon a logout action, which makes it easier for remote attackers to execute arbitrary code by leveraging an unattended workstation.

Vulnerable Systems


References

BUGTRAQ - 20111103 ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1

SREASON - 8529

SECTRACK - 1026276


Last Updated: 27 May 2016 10:57:25