Gemalto : Security Vulnerabilities Published In 2017
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2017-11498 |
119 |
|
DoS Overflow |
2017-10-03 |
2018-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files. |
2 |
CVE-2017-11497 |
119 |
|
Exec Code Overflow |
2017-10-03 |
2018-05-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters. |
3 |
CVE-2017-11496 |
119 |
|
Exec Code Overflow |
2017-10-03 |
2018-05-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files. |
4 |
CVE-2017-6953 |
119 |
|
Exec Code Overflow |
2017-05-08 |
2017-05-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Gemalto SmartDiag Diagnosis Tool v2.5 has a stack-based Buffer Overflow with SEH Overwrite via long "Register a new card" input fields. There may be a risk of local code execution with untrusted input to SmartDiag.exe or SymDiag.exe. |
Total number of vulnerabilities :
4
Page :
1
(This Page)