6 matches found
openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)
This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...
openSUSE Security Update : libpcsclite1 (openSUSE-SU-2010:0500-1)
This update of pcsc-liste fixes two vulnerabilities : - CVE-2009-4901: local denial of service daemon crash via crafted SCARDSETATTRIB message data, a related issue to CVE-2010-0407. - CVE-2009-4902: a buffer overflow might allow local users to gain privileges via crafted SCARDCONTROL message dat...
Fedora 12 : pcsc-lite-1.5.2-5.fc12 (2010-10764)
This update fixes up incorrect checks which were introduced with CVE-2010-0407 patch, introducing a regression for certain token types. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...
Fedora 12 : pcsc-lite-1.5.2-4.fc12 (2010-10014)
An update to address a buffer overflow which could allow a local attacker to elevate privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
CVE-2009-4902
CVE-2009-4902 relates to a buffer overflow in the MSGFunctionDemarshall function of winscard_svc.c in the MUSCLE PCSC-Lite daemon (pcscd) up to version 1.5.4. Crafted SCARD_CONTROL message data could be improperly demarshalled, enabling a local attacker to gain privileges. The issue is linked to ...
Debian DSA-2059-1 : pcsc-lite - buffer overflow
It was discovered that PCSCD, a daemon to access smart cards, was vulnerable to a buffer overflow allowing a local attacker to elevate his privileges to root. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...