Vulnerability Description
Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.
CVSS Score
4.3
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rsa | Authentication Agent For Web | 5.2 |
References
- http://secunia.com/advisories/14954PatchVendor Advisory
- http://securitytracker.com/id?1013724PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/366372US Government Resource
- http://www.oliverkarow.de/research/rsaxss.txtPatchVendor Advisory
- http://www.securityfocus.com/bid/13168Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20098
- http://secunia.com/advisories/14954PatchVendor Advisory
- http://securitytracker.com/id?1013724PatchVendor Advisory
- http://www.kb.cert.org/vuls/id/366372US Government Resource
- http://www.oliverkarow.de/research/rsaxss.txtPatchVendor Advisory
- http://www.securityfocus.com/bid/13168Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/20098
FAQ
What is CVE-2005-1118?
CVE-2005-1118 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in IISWebAgentIF.dll in the RSA Authentication Agent for Web 5.2 allows remote attackers to inject arbitrary web script or HTML via the postdata parameter.
How severe is CVE-2005-1118?
CVE-2005-1118 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-1118?
Check the references section above for vendor advisories and patch information. Affected products include: Rsa Authentication Agent For Web.