RSA SecurID Software Token Converter XML-Formatted .sdtid Buffer Overflow
High Nessus Plugin ID 69515
SynopsisThe remote Windows host has an application that may be affected by a buffer overflow condition.
DescriptionRSA SecurID Software Token Converter prior to version 2.6.1 is prone to an overflow condition. A boundary error occurs when handling XML- formatted '.sdtid' file strings. By tricking a user into running the converter with a crafted file, an attacker could potentially execute arbitrary code.
SolutionUpdate to version 2.6.1 or higher.