Security information

ID Title and Summary Maximum Severity Rating* Vulnerability Impact Affected Software
SM13-003 Version: 6.1: New release + Security Update for Net iD EnterpriseVersion 6.1 implements a new security model for the Net iD Enterprise plugin. Every type of call has to be explicitly allowed.
However, some basic calls are allowed by default in all packages from SecMaker.
Moderate 6.0.3 and earlier
Version: 6.0.3: Non security related update for Net iD Enterprise
SM13-002 Version: 6.0.2: Security Update for Net iD EnterpriseVersion 6.0.2 adresses an issue regarding the plugin in Net iD Enterprise. The vulnerability could allow remote code execution if a user views a specially crafted webpage using a web browser with the Net iD Enterprise plugin. Critical Remote Code Execution 6.0.1 and earlier
SM13-001(only in Swedish) Version: 6.0.1: Security Update for Net iD EnterpriseVersion 6.0.1 adresses an issue regarding the plugin in Net iD Enterprise. An attacker who successfully exploited the vulnerability could gain access to personal identification number from the card holders certificates. Important Information Disclosure 6.0.0 and earlier

http://technet.microsoft.com/en-us/security/gg309177.aspx
We are using the same severity classification as Microsoft

First position => Major release
Second position => Minor release
Third position => Service release
Fourth position => Build

Feedback

To report a security issue use the the following email adress: service(at)secmaker.com