31 matches found
CVE-2017-12818
CVE-2017-12818 is the Sentinel/ Gemalto vulnerability: a stack-based buffer overflow in the custom XML-parser of Sentinel HASP SRM, Sentinel HASP, and Sentinel LDK runtime (prior to LDK RTE 7.55). Impact per ICS-CERT: remote code execution or denial of service. Affected products include HASP SRM/...
CVE-2017-12821
Memory corruption in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55 might cause remote code execution...
CVE-2017-12819
CVE-2017-12819 refers to remote manipulation of the Gemalto SafeNet Sentinel language-pack updater, enabling NTLM-relay attacks for the system user in HASP SRM, Sentinel HASP and Sentinel LDK before Sentinel LDK RTE 7.55. Connected advisories corroborate remote NTLM-relay risk and advise upgradin...
CVE-2017-12820
CVE-2017-12820 affects Gemalto SafeNet Sentinel stacks (HASP SRM, Sentinel HASP, Sentinel LDK) prior to Sentinel LDK RTE 7.55. The vulnerability is described as an arbitrary memory read from a controlled memory pointer, which could enable remote denial of service. Public advisories indicate the i...
CVE-2017-12822
CVE-2017-12822 affects Gemalto’s HASP SRM, Sentinel HASP and Sentinel LDK prior to Sentinel LDK RTE 7.55. The NEAR-term root cause is an improper access control flaw that allows the administrative interface to be remotely enabled and disabled without authentication, potentially expanding the atta...
CVE-2017-12819
Remote manipulations with language pack updater lead to NTLM-relay attack for system user in Gemalto's HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE version 7.55...
CVE-2011-3339
Cross-site scripting XSS vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP formerly Aladdin HASP SRM run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies 7T IGSS 7 and other products, when Firefox 2.0 ...
Cross site scripting
Cross-site scripting XSS vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP formerly Aladdin HASP SRM run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies 7T IGSS 7 and other products, when Firefox 2.0 ...
CVE-2011-3339
The CVE-2011-3339 entry describes an XSS vulnerability in the Admin Control Center of SafeNet Sentinel HASP/SRM, affecting HASP Run-time Environment 5.95 and earlier, with installers before 6.x and SDKs before 5.11. The issue arises from inadequate input validation in the web application, which c...
CVE-2011-3339
Cross-site scripting XSS vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP formerly Aladdin HASP SRM run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies 7T IGSS 7 and other products, when Firefox 2.0 ...
Safenet Sentinel and 7-T Input Sanitization Vulnerability
Overview ICS-CERT originally released advisory ICSA-11-314-01P on the US-CERT secure portal on November 14, 2011. This web page release was delayed to allow users time to download and install the update. Security researcher Carlos Mario Penagos Hollman of Synapse-labs has identified an input...