Lucene search

[email protected]NVD:CVE-2008-3972

HistorySep 11, 2008 - 1:13 a.m.

CVE-2008-3972

2008-09-1101:13:47

CWE-264

[email protected]

web.nvd.nist.gov

CVSS2

6.6

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.001

Percentile

26.7%

JSON

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card’s label matches the “OpenSC” string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235.

Affected configurations

Nvd

Node

opensc-projectopenscRange≤0.11.5

opensc-projectopenscMatch0.4.0

opensc-projectopenscMatch0.5.0

opensc-projectopenscMatch0.6.0

opensc-projectopenscMatch0.6.1

opensc-projectopenscMatch0.7.0

opensc-projectopenscMatch0.8.0

opensc-projectopenscMatch0.8.1

opensc-projectopenscMatch0.9.2

opensc-projectopenscMatch0.9.3

opensc-projectopenscMatch0.9.4

opensc-projectopenscMatch0.9.5

opensc-projectopenscMatch0.9.6

opensc-projectopenscMatch0.10.0

opensc-projectopenscMatch0.10.1

opensc-projectopenscMatch0.11.0

opensc-projectopenscMatch0.11.1

opensc-projectopenscMatch0.11.2

opensc-projectopenscMatch0.11.3

opensc-projectopenscMatch0.11.3pre3

opensc-projectopenscMatch0.11.4

AND

siemenscardosMatchm4

VendorProductVersionCPE
opensc-projectopensc*cpe:2.3:a:opensc-project:opensc:*:*:*:*:*:*:*:*
opensc-projectopensc0.4.0cpe:2.3:a:opensc-project:opensc:0.4.0:*:*:*:*:*:*:*
opensc-projectopensc0.5.0cpe:2.3:a:opensc-project:opensc:0.5.0:*:*:*:*:*:*:*
opensc-projectopensc0.6.0cpe:2.3:a:opensc-project:opensc:0.6.0:*:*:*:*:*:*:*
opensc-projectopensc0.6.1cpe:2.3:a:opensc-project:opensc:0.6.1:*:*:*:*:*:*:*
opensc-projectopensc0.7.0cpe:2.3:a:opensc-project:opensc:0.7.0:*:*:*:*:*:*:*
opensc-projectopensc0.8.0cpe:2.3:a:opensc-project:opensc:0.8.0:*:*:*:*:*:*:*
opensc-projectopensc0.8.1cpe:2.3:a:opensc-project:opensc:0.8.1:*:*:*:*:*:*:*
opensc-projectopensc0.9.2cpe:2.3:a:opensc-project:opensc:0.9.2:*:*:*:*:*:*:*
opensc-projectopensc0.9.3cpe:2.3:a:opensc-project:opensc:0.9.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
opensc-project	opensc	*	cpe:2.3:a:opensc-project:opensc::::::::
opensc-project	opensc	0.4.0	cpe:2.3:a:opensc-project:opensc:0.4.0:::::::*
opensc-project	opensc	0.5.0	cpe:2.3:a:opensc-project:opensc:0.5.0:::::::*
opensc-project	opensc	0.6.0	cpe:2.3:a:opensc-project:opensc:0.6.0:::::::*
opensc-project	opensc	0.6.1	cpe:2.3:a:opensc-project:opensc:0.6.1:::::::*
opensc-project	opensc	0.7.0	cpe:2.3:a:opensc-project:opensc:0.7.0:::::::*
opensc-project	opensc	0.8.0	cpe:2.3:a:opensc-project:opensc:0.8.0:::::::*
opensc-project	opensc	0.8.1	cpe:2.3:a:opensc-project:opensc:0.8.1:::::::*
opensc-project	opensc	0.9.2	cpe:2.3:a:opensc-project:opensc:0.9.2:::::::*
opensc-project	opensc	0.9.3	cpe:2.3:a:opensc-project:opensc:0.9.3:::::::*