Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.
Un desbordamiento de búfer basado en pila en hasplms en Gemalto ACC (Admin Control Center) en todas sus versiones desde HASP SRM 2.10 hasta Sentinel LDK 7.50 permite que los atacantes remotos ejecuten código arbitrario mediante paquetes de lenguaje que contengan nombres de archivo más largos que 1024 caracteres.
AV:N/AC:L/Au:N/C:P/I:P/A:P
| Access Vector | NETWORK |
|---|---|
| Access Complexity | LOW |
| Authentication | NONE |
| Confidentiality Impact | PARTIAL |
| Integrity Impact | PARTIAL |
| Availability Impact | PARTIAL |
| Source | Type | Description |
|---|---|---|
| [email protected] | Primary |
en
CWE-119
|
| Vendor | Product | Version | Update | Type |
|---|---|---|---|---|
| gemalto | sentinel_ldk_rte | 2.10 | <built-in method update of dict object at 0x72a9a3091900> | Application |
| gemalto | sentinel_ldk_rte | 3.0 | <built-in method update of dict object at 0x72a9a3091500> | Application |
| gemalto | sentinel_ldk_rte | 7.1 | <built-in method update of dict object at 0x72a9a3091ec0> | Application |
| gemalto | sentinel_ldk_rte | 7.50 | <built-in method update of dict object at 0x72a99a7f29c0> | Application |
| Vulnerable | CPE |
|---|---|
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:2.10:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:3.0:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:7.1:*:*:*:*:*:*:* |
| Yes | cpe:2.3:a:gemalto:sentinel_ldk_rte:7.50:*:*:*:*:*:*:* |