6 matches found
OpenSC 安全漏洞
OpenSC is an open-source smart card tool and middleware developed by OpenSC. There is a security vulnerability in OpenSC, which stems from the use of uninitialized variables multiple times, potentially leading to information leaks or application crashes. The attack requires a specially crafted US...
OpenSC Buffer Overflow Vulnerability (CNVD-2019-28624)
OpenSC is an open source smart card tool and middleware. A buffer overflow vulnerability exists in the 'readpublickey' function in the tools/cryptoflex-tool.c file in versions prior to OpenSC 0.19.0-rc1. An attacker could use this vulnerability to cause a denial of service application crash with...
OpenSC Double Release Vulnerability (CNVD-2019-28620)
OpenSC is an open source smart card tool and middleware. A double-release vulnerability exists in the 'scfilesetsecattr' function of the libopensc/sc.c file in versions of OpenSC prior to 0.19.0-rc1. An attacker could exploit this vulnerability to cause a denial of service application crash with...
OpenSC Buffer Overflow Vulnerability (CNVD-2019-28616)
OpenSC is a set of software tools and libraries for smart cards, focusing on smart cards with cryptographic capabilities. A buffer overflow vulnerability exists in utilacltostr in tools/util.c in OpenSC before 0.19.0-rc1 when handling string concatenation. An attacker could exploit this...
OpenSC Buffer Overflow Vulnerability (CNVD-2019-28623)
OpenSC is an open source smart card tool and middleware. A buffer overflow vulnerability exists in the 'decryptresponse' function of the libopensc/card-epass2003.c file in versions of OpenSC prior to 0.19.0-rc1. An attacker could exploit this vulnerability to cause a denial of service application...
CVE-2010-4530
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...