Lucene search

K

PRIOn knowledge basePRION:CVE-2008-3972

HistorySep 11, 2008 - 1:13 a.m.

Design/Logic Flaw

2008-09-1101:13:00

PRIOn knowledge base

www.prio-n.com

4

6.5 Medium

AI Score

Confidence

Low

6.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card’s label matches the “OpenSC” string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235.

CPENameOperatorVersion
openscle0.11.5
opensceq0.4.0
opensceq0.5.0
opensceq0.6.0
opensceq0.6.1
opensceq0.7.0
opensceq0.8.0
opensceq0.8.1
opensceq0.9.2
opensceq0.9.3

Rows per page:

1-10 of 211

References

lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html

secunia.com/advisories/32099

secunia.com/advisories/34362

www.opensc-project.org/pipermail/opensc-announce/2008-August/000021.html

www.openwall.com/lists/oss-security/2008/09/09/14

exchange.xforce.ibmcloud.com/vulnerabilities/45045

www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html

6.5 Medium

AI Score

Confidence

Low

6.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:C/A:C

0.001 Low

EPSS

Percentile

24.6%

Related for PRION:CVE-2008-3972

ubuntucve2 cve2 openvas22 debiancve2 nessus13 fedora2 debian2 cvelist2 prion1 gentoo1 seebug1 securityvulns2