Gemalto: >> Sentinel Ldk Rte Security Vulnerabilities
The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability.
CVSS Score
6.1
EPSS Score
0.01
Published
2018-05-02
Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service
CVSS Score
7.5
EPSS Score
0.019
Published
2018-03-13
Denial of service in Gemalto's Sentinel LDK RTE version before 7.65
CVSS Score
7.5
EPSS Score
0.014
Published
2018-03-13
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via malformed ASN.1 streams in V2C and similar input files.
CVSS Score
9.8
EPSS Score
0.048
Published
2017-10-03
Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters.
CVSS Score
9.8
EPSS Score
0.048
Published
2017-10-03
Buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to shut down the remote process (a denial of service) via a language pack (ZIP file) with invalid HTML files.
CVSS Score
7.5
EPSS Score
0.03
Published
2017-10-03