cvelist/2017/11xxx/CVE-2017-11497.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2017-11497",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-002-sentinel-ldk-rte-language-packs-containing-malformed-filenames-lead-to-remote-code-execution/",
            "refsource" : "MISC",
            "url" : "https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-002-sentinel-ldk-rte-language-packs-containing-malformed-filenames-lead-to-remote-code-execution/"
         },
         {
            "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01",
            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01"
         },
         {
            "name" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx",
            "refsource" : "MISC",
            "url" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx"
         },
         {
            "name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01",
            "refsource" : "MISC",
            "url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01"
         },
         {
            "name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf",
            "refsource" : "CONFIRM",
            "url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf"
         },
         {
            "name" : "102739",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/102739"
         },
         {
            "name" : "102906",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/102906"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2017-11497",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Stack buffer overflow in hasplms in Gemalto ACC (Admin Control Center), all versions ranging from HASP SRM 2.10 to Sentinel LDK 7.50, allows remote attackers to execute arbitrary code via language packs containing filenames longer than 1024 characters."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-002-sentinel-ldk-rte-language-packs-containing-malformed-filenames-lead-to-remote-code-execution/",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://ics-cert.kaspersky.com/advisories/2017/07/28/klcert-17-002-sentinel-ldk-rte-language-packs-containing-malformed-filenames-lead-to-remote-code-execution/"`
			`},`
- Synchronized data. 2018-01-22 12:07:19 -05:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01",`
			`"refsource" : "MISC",`
- Synchronized data. 2018-01-22 12:07:19 -05:00			`"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-018-01"`
			`},`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://www.iotvillage.org/slides_dc25/Sergey_Vlad_DEFCON_IOT_Village_Public2017.pptx"`
- Synchronized data. 2018-01-20 06:02:15 -05:00			`},`
- Synchronized data. 2018-04-05 13:04:43 -04:00			`{`
			`"name" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01",`
			`"refsource" : "MISC",`
			`"url" : "https://ics-cert.us-cert.gov/advisories/ICSA-18-093-01"`
			`},`
- Synchronized data. 2018-05-10 06:02:41 -04:00			`{`
			`"name" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf",`
			`"refsource" : "CONFIRM",`
			`"url" : "https://cert-portal.siemens.com/productcert/pdf/ssa-727467.pdf"`
			`},`
- Synchronized data. 2018-01-20 06:02:15 -05:00			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "102739",`
			`"refsource" : "BID",`
- Synchronized data. 2018-01-20 06:02:15 -05:00			`"url" : "http://www.securityfocus.com/bid/102739"`
- Synchronized data. 2018-02-03 06:02:16 -05:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "102906",`
			`"refsource" : "BID",`
- Synchronized data. 2018-02-03 06:02:16 -05:00			`"url" : "http://www.securityfocus.com/bid/102906"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`}`
			`]`
			`}`
			`}`