CVE-2008-2027: Infoleak
First published: Wed Apr 30 2008(Updated: )
Open redirect vulnerability in WebID/IISWebAgentIF.dll in RSA Authentication Agent 5.3.0.258 for Web for IIS, when accessed via certain browsers such as Mozilla Firefox, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via an ftp URL in the url parameter to a Redirect action.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| RSA Authentication Agent | =5.3.0.258 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2008-2027?
CVE-2008-2027 has been classified as a medium severity vulnerability that allows open redirect attacks.
How do I fix CVE-2008-2027?
To address CVE-2008-2027, update the RSA Authentication Agent to version 5.3.0.259 or later.
What type of attack can be performed exploiting CVE-2008-2027?
Exploiting CVE-2008-2027 can allow attackers to perform phishing attacks by redirecting users to malicious websites.
Which software versions are affected by CVE-2008-2027?
CVE-2008-2027 affects RSA Authentication Agent version 5.3.0.258.
Is CVE-2008-2027 limited to specific browsers?
Yes, CVE-2008-2027 is particularly noted to affect certain browsers, including Mozilla Firefox.
- collector/nvd-historical
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- vendor/rsa
- canonical/rsa authentication agent
- version/rsa authentication agent/5.3.0.258