Opensc-project » Opensc » 0.11.6 : Security Vulnerabilities, CVEs,
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.
Max CVSS
7.2
EPSS Score
0.24%
Published
2011-01-07
Updated
2011-02-17
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
Max CVSS
2.1
EPSS Score
0.07%
Published
2009-03-02
Updated
2017-08-08
2 vulnerabilities found