CVE-2017-12818 HIGH

Published: 2017-10-04 | Last Modified: 2026-06-17 | Status: Modified

Description

Stack overflow in custom XML-parser in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 leads to remote denial of service.

Additional Descriptions (1)

Existe un desbordamiento de pila en un analizador XML personalizado en los productos HASP SRM, Sentinel HASP y Sentinel LDK de Gemalto anteriores a la versión 7.55 de Sentinel LDK RTE que podría provocar una denegación de servicio (DoS) remota.

CVSS Metrics

Base Score: 5.0 (MEDIUM)

AV:N/AC:L/Au:N/C:N/I:N/A:P

Access Vector	NETWORK
Access Complexity	LOW
Authentication	NONE
Confidentiality Impact	NONE
Integrity Impact	NONE
Availability Impact	PARTIAL

Source: [email protected]

Type: Primary

Exploitability Score: 10.0

Impact Score: 2.9

Weaknesses

Source	Type	Description
[email protected]	Primary	en CWE-119

Affected Products

Vendor	Product	Version	Update	Type
sentinel	sentinel_ldk_rte_firmware	*	<built-in method update of dict object at 0x72a9a3091140>	Operating System

Affected Configurations

Operator: OR

Vulnerable	CPE
Yes	`cpe:2.3:o:sentinel:sentinel_ldk_rte_firmware::::::::`

References

http://www.securityfocus.com/bid/102906
Source: [email protected]
https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
Source: [email protected]
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-004-sentinel-ldk-rte-stack-overflow-in-custom-xml-parser-leads-to-remote-denial-of-service/
Source: [email protected]

Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
Source: [email protected]
http://www.securityfocus.com/bid/102906
Source: af854a3a-2127-422b-91ae-364da2661108
https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
https://ics-cert.kaspersky.com/advisories/klcert-advisories/2017/10/02/klcert-17-004-sentinel-ldk-rte-stack-overflow-in-custom-xml-parser-leads-to-remote-denial-of-service/
Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01
Source: af854a3a-2127-422b-91ae-364da2661108