PT-2007-3749 · Rsa+1 · Ace/Server+4

Published

2007-07-15

Updated

2020-03-27

CVE-2007-2417

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Progress 9.1E OpenEdge 10.1x RSA Authentication Manager versions 6.0 and 6.1 SecurID Appliance version 2.0 ACE/Server version 5.2

Description A heap-based buffer overflow issue in the mprosrv.exe component allows remote attackers to execute arbitrary code via crafted packets. This issue may be related to other products beyond those listed.

Recommendations For Progress 9.1E, update to a version that addresses this issue. For OpenEdge 10.1x, update to a version that addresses this issue. For RSA Authentication Manager versions 6.0 and 6.1, update to a version that addresses this issue. For SecurID Appliance version 2.0, update to a version that addresses this issue. For ACE/Server version 5.2, update to a version that addresses this issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2007-2417

Affected Products

Ace/Server

Openedge

Progress

Emc Rsa Authentication Manager

Securid Appliance

PT-2007-3749 · Rsa+1 · Ace/Server+4

CVE-2007-2417

Related Identifiers

Affected Products

References · 11