Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer before 6.x and SDK before 5.11, as used in 7 Technologies (7T) IGSS 7 and other products, when Firefox 2.0 is used, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger write access to a configuration file.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 7T | Igss | 7 |
| Safenet-Inc | Sentinel Hasp Run-Time | <= 5.95 |
| Safenet-Inc | Sentinel Hasp Sdk | <= 5.10 |
| Mozilla | Firefox | 2.0 |
Related Weaknesses (CWE)
References
- http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339/Vendor Advisory
- http://www.securityfocus.com/bid/51028
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdfThird Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71789
- http://www.safenet-inc.com/support-downloads/sentinel-drivers/CVE-2011-3339/Vendor Advisory
- http://www.securityfocus.com/bid/51028
- http://www.us-cert.gov/control_systems/pdf/ICSA-11-314-01.pdfThird Party AdvisoryUS Government Resource
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71789
FAQ
What is CVE-2011-3339?
CVE-2011-3339 is a vulnerability with a CVSS score of 4.3 (MEDIUM). Cross-site scripting (XSS) vulnerability in the Admin Control Center in Sentinel HASP Run-time Environment 5.95 and earlier in SafeNet Sentinel HASP (formerly Aladdin HASP SRM) run-time installer befo...
How severe is CVE-2011-3339?
CVE-2011-3339 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-3339?
Check the references section above for vendor advisories and patch information. Affected products include: 7T Igss, Safenet-Inc Sentinel Hasp Run-Time, Safenet-Inc Sentinel Hasp Sdk, Mozilla Firefox.