RSA SecurID Software Token Converter XML-Formatted .sdtid Buffer Overflow

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.

Synopsis :

The remote Windows host has an application that may be affected by a
buffer overflow condition.

Description :

RSA SecurID Software Token Converter prior to version 2.6.1 is prone
to an overflow condition. A boundary error occurs when handling XML-
formatted '.sdtid' file strings. By tricking a user into running the
converter with a crafted file, an attacker could potentially execute
arbitrary code.

See also :

Solution :

Update to version 2.6.1 or higher.

Risk factor :

High / CVSS Base Score : 7.6
CVSS Temporal Score : 5.6
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 69515 ()

Bugtraq ID: 52315

CVE ID: CVE-2012-0397

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now