19 matches found
CVE-2022-32959
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...
CVE-2022-32961
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...
CVE-2022-32960
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
CVE-2022-32960
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
Stack overflow
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...
Stack overflow
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
CVE-2022-32961 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code,...
CVE-2022-32961
CVE-2022-32961 concerns HICOS’ client-side citizen digital certificate component, which has a stack-based buffer overflow when reading an IC card due to insufficient validation of token information parameter length. The vulnerability can be exploited by an unauthenticated, physical attacker to ex...
CVE-2022-32960
CVE-2022-32960 affects the HiCOS client-side citizen digital certificate component. The vulnerability is a stack-based buffer overflow caused by insufficient validation of the card number parameter when reading an IC card. An unauthenticated physical attacker can exploit this to execute arbitrary...
CVE-2022-32960 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate...
CVE-2022-32959
The CVE-2022-32959 entry concerns HiCOS’ client-side citizen digital certificate component, which is vulnerable to a stack-based buffer overflow when reading IC card data due to insufficient validation of OS information parameter length. The impact described in the sources is arbitrary code execu...
CVE-2022-32959 HiCOS’ client-side citizen digital certificate - Stack Buffer Overflow
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...
PT-2022-21607 · Hicos · Hicos
Name of the Vulnerable Software and Affected Versions: HiCOS affected versions not specified Description: The issue is related to a stack-based buffer overflow vulnerability in the client-side citizen digital certificate component when reading IC card due to insufficient parameter length validati...
CVE-2022-32959
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...
SQL Injection Vulnerability in WDECP-IC IC Card Prepaid Monitoring Platform
WDECP-IC IC card prepaid monitoring platform is a management platform developed by the application of IC card technology in the field of intelligent water conservancy. WDECP-IC IC card prepaid monitoring platform has a SQL injection vulnerability, which can be exploited by attackers to obtain...
SQL Injection Vulnerability in WDECP-IC Card Metering Management Platform of Tangshan Liulin Automation Equipment Co.
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise engaged in the research and development, production, sales and system engineering technical services of Internet of Things security communication terminal and intelligent application platform software. Tangshan Liulin...
SQL Injection Vulnerability in WDECP-IC Card Metering Management Platform
Tangshan Liulin Automation Equipment Co., Ltd. is a high-tech enterprise engaged in the research and development, production, sales and system engineering technical services of Internet of Things security communication terminal and intelligent application platform software. WDECP-IC card metering...
JVN#16136413: Installers of Sony PaSoRi related software may insecurely load Dynamic Link Libraries
PaSoRi provided by Sony Corporation is contactless IC card reader/writer. Installers of PaSoRi driver and other related software for Windows contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with t...
Sharp RW-4040 driver installer for Windows untrusted search path vulnerability
Sharp RW-4040 driver installer for Windows is a Windows-based driver installer for IC card readers from Sharp Japan. An untrusted search path vulnerability exists in Sharp RW-4040 driver installer for Windows 7 version 2.27. An attacker can exploit this vulnerability to gain privileges with a...