5 matches found
Arbitrary Code Execution
ccid is vulnerable to arbitrary code execution attacks. The vulnerability exists as a signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to...
CCID: Arbitrary code execution
Background CCID is a generic USB Chip/Smart Card Interface Devices driver. Description CCID contains an integer overflow vulnerability in ccidserial.c. Impact A physically proximate attacker could execute arbitrary code via a smart card with a specially crafted serial number. Workaround There is ...
[ MDVSA-2011:014 ] ccid
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2011:014 http://www.mandriva.com/security/ Package : ccid Date : January 20, 2011 Affected: Corporate 4.0 Problem Description: A vulnerability has been found and corrected in ccid: Signedness error in ccidserial....
CVE-2010-4530
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...
CVE-2010-4530
Signedness error in ccidserial.c in libccid in the USB Chip/Smart Card Interface Devices CCID driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negati...