11 matches found
opensc: Buffer overflows handling responses from Gemsafe V1 Smartcards in pkcs15-gemsafeV1.c:gemsafe_get_cert_len()
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...
CVE-2018-16425
A double free when handling responses from an HSM Card in scpkcs15emuschsminit in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
DEBIAN-CVE-2018-16426
Endless recursion when handling responses from an IAS-ECC card in iaseccselectfile in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs...
CVE-2018-16425
A double free when handling responses from an HSM Card in scpkcs15emuschsminit in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
UBUNTU-CVE-2018-16422
A single byte buffer overflow when handling responses from an esteid Card in scpkcs15emuesteidinit in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified othe...
CVE-2018-16421
Several buffer overflows when handling responses from a CAC Card in cacgetserialnrfromCUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
OpenSC Out-of-Bounds Read Vulnerability
OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. OpenSC prior to 0.19.0-rc1 suffers from an out-of-bounds read vulnerability when processing responses. An attacker could exploit this vulnerability to cause the opensc library...
OpenSC Double Release Vulnerability (CNVD-2019-28619)
OpenSC is an open source smart card tool and middleware. A double-release vulnerability exists in the 'readfile' function of the tools/egk-tool.c file in versions prior to OpenSC 0.19.0-rc1. An attacker can exploit this vulnerability to cause a denial of service application crash with the help of...
CVE-2018-16393
Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafegetcertlen in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified...
CVE-2018-16392
Several buffer overflows when handling responses from a TCOS Card in tcosselectfile in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...
CVE-2018-16391
Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service application crash or possibly have unspecified other impact...