- Description
- Heap-based buffer overflow in _mprosrv.exe in Progress Software Progress 9.1E and OpenEdge 10.1x, as used by the RSA Authentication Manager 6.0 and 6.1, SecurID Appliance 2.0, ACE/Server 5.2, and possibly other products, allows remote attackers to execute arbitrary code via crafted packets. NOTE: this issue might overlap CVE-2007-3491.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:rsa:securid:2.0:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "736234F7-AEB8-4623-B44A-3B7EEC4D1D55"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:progress:openedge:10.1a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C637AD8D-C3A3-4815-A0A0-12581270E384"
},
{
"criteria": "cpe:2.3:a:progress:openedge:10.1b:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "44F1126D-D2EE-4D4B-AA40-11300B590C7E"
},
{
"criteria": "cpe:2.3:a:progress:progress:9.1e:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BAC44608-A273-4EA8-9A60-CA10903AE0A1"
},
{
"criteria": "cpe:2.3:a:rsa:ace_server:5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FD8FA6FD-A5F1-442F-A1AB-89F77398895C"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]