Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2010-4523

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.

Related bugs and status

CVE-2010-4523 (Candidate) is related to these bugs:

Bug #692483: Buffer overflow

		In	Importance	Status
692483	Buffer overflow	opensc (Ubuntu)	Low	Fix Released
692483	Buffer overflow	opensc (Ubuntu Lucid)	Low	Fix Released
692483	Buffer overflow	opensc (Ubuntu Maverick)	Low	Fix Released
692483	Buffer overflow	opensc (Ubuntu Natty)	Low	Fix Released
692483	Buffer overflow	opensc (Debian)	Unknown	Fix Released
692483	Buffer overflow	opensc (Ubuntu Hardy)	Low	Fix Released
692483	Buffer overflow	opensc (Ubuntu Karmic)	Low	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://labs.mwrinfosec...
MISC: http://www.h-online.co...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://www.mandriva.co...
MISC: http://lists.opensuse....
MISC: http://openwall.com/li...
MISC: http://openwall.com/li...
MISC: http://bugs.debian.org...
MISC: https://bugs.launchpad...
MISC: https://bugzilla.redha...
MISC: https://www.opensc-pro...