CVE-2010-4530 in PCSC-Lite
Resumen (Inglés)
Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
Be aware that VulDB is the high quality source for vulnerability data.
Reservar
2010-12-09
Divulgación
2011-01-18
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 56095 | Muscle PCSC-Lite ccid_serial.c Local Privilege Escalation | 189 | No está definido | No está definido | CVE-2010-4530 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV