Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/bid/102739 - | |
References | () http://www.securityfocus.com/bid/102906 - | |
References | () https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf - | |
References | () https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-001-sentinel-ldk-rte-language-pack-with-invalid-html-files-leads-to-denial-of-service/ - Vendor Advisory | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01 - | |
References | () https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01 - | |
References | () https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx - Third Party Advisory |
Information
Published : 2017-10-03 01:29
Updated : 2024-11-21 03:07
NVD link : CVE-2017-11498
Mitre link : CVE-2017-11498
CVE.ORG link : CVE-2017-11498
JSON object : View
Products Affected
gemalto
- sentinel_ldk_rte
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer