Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.
Un desbordamiento de búfer basado en pila en hasplms en Gemalto ACC (Admin Control Center) en todas sus versiones desde HASP SRM 2.10 hasta Sentinel LDK 7.50 permite que los atacantes remotos ejecuten código arbitrario mediante transferencias ASN.1 mal formadas en V2C y archivos de entrada similares.
AV:N/AC:L/Au:N/C:P/I:P/A:P
| Access Vector | NETWORK |
|---|---|
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-119
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| gemalto | sentinel_ldk_rte | 2.10 | <built-in method update of dict object at 0x72a9b091a780> | Application |
| gemalto | sentinel_ldk_rte | 3.0 | <built-in method update of dict object at 0x72a9b0918d40> | Application |
| gemalto | sentinel_ldk_rte | 7.1 | <built-in method update of dict object at 0x72a9b091a8c0> | Application |
| gemalto | sentinel_ldk_rte | 7.50 | <built-in method update of dict object at 0x72a9b0b48840> | Application |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:2.10:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:3.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:7.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:7.50:*:*:*:*:*:*:* |