Lucene search
UbuntuUSN-1125-1HistoryApr 27, 2011 - 12:00 a.m.
PCSC-Lite vulnerability
2011-04-2700:00:00
ubuntu.com
39
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
46.8%
Releases
- Ubuntu 10.10
- Ubuntu 10.04
- Ubuntu 9.10
Packages
- pcsc-lite - Middleware to access a smart card using PC/SC (development files)
Details
Rafael Dominguez Vega discovered that PCSC-Lite incorrectly handled smart
cards with malformed ATR messages. An attacker having physical access
could exploit this with a special smart card and cause a denial of service
or execute arbitrary code.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 9.10 | noarch | libpcsclite1 | < 1.5.3-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | libpcsclite-dev | < 1.5.3-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 9.10 | noarch | pcscd | < 1.5.3-1ubuntu1.2 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libpcsclite1 | < 1.5.5-3ubuntu2.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | libpcsclite-dev | < 1.5.5-3ubuntu2.1 | UNKNOWN |
| Ubuntu | 10.10 | noarch | pcscd | < 1.5.5-3ubuntu2.1 | UNKNOWN |
| Ubuntu | 10.04 | noarch | libpcsclite1 | < 1.5.3-1ubuntu4.2 | UNKNOWN |
| Ubuntu | 10.04 | noarch | libpcsclite-dev | < 1.5.3-1ubuntu4.2 | UNKNOWN |
| Ubuntu | 10.04 | noarch | pcscd | < 1.5.3-1ubuntu4.2 | UNKNOWN |
References
Related
gentoo
gentoo
PCSC-Lite: Arbitrary code execution
2014-01-21 00:00:00
openvas
openvas
CentOS Update for pcsc-lite CESA-2013:0525 centos6
2013-03-12 00:00:00
Mandriva Update for pcsc-lite MDVSA-2011:015 (pcsc-lite)
2011-01-21 00:00:00
CentOS Update for pcsc-lite CESA-2013:0525 centos6
2013-03-12 00:00:00
prion
prion
Stack overflow
2011-01-18 18:03:00
nessus
nessus
Mandriva Linux Security Advisory : pcsc-lite (MDVSA-2011:015)
2011-01-28 00:00:00
RHEL 5 : pcsc-lite (Unpatched Vulnerability)
2024-06-03 00:00:00
GLSA-201401-17 : PCSC-Lite: Arbitrary code execution
2014-01-22 00:00:00
nvd
nvd
CVE-2010-4531
2011-01-18 18:03:07
debiancve
debiancve
CVE-2010-4531
2011-01-18 18:03:07
debian
debian
[SECURITY] [DSA-2156-1] pcscd security update
2011-01-31 11:22:24
fedora
fedora
[SECURITY] Fedora 14 Update: pcsc-lite-1.6.4-3.fc14
2011-01-13 23:35:38
[SECURITY] Fedora 13 Update: pcsc-lite-1.5.5-5.fc13
2011-01-13 23:38:23
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:57:49
oraclelinux
oraclelinux
pcsc-lite security and bug fix update
2013-02-22 00:00:00
cvelist
cvelist
CVE-2010-4531
2011-01-18 17:00:00
securityvulns
securityvulns
[ MDVSA-2011:015 ] pcsc-lite
2011-01-24 00:00:00
OpenSC / PCSC-Lite library buffer overflow
2011-01-24 00:00:00
centos
centos
pcsc security update
2013-02-27 19:37:16
ubuntucve
ubuntucve
CVE-2010-4531
2011-01-18 00:00:00
redhat
redhat
(RHSA-2013:0525) Moderate: pcsc-lite security and bug fix update
2013-02-21 00:00:00
cve
cve
CVE-2010-4531
2011-01-18 18:03:07
CVSS2
4.4
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.001
Percentile
46.8%
Related for USN-1125-1