CVE-2010-4531

EPSS 0.28%

pcsc-lite - buffer overflow

Published: 1/18/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-4531

Description

Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.

Affected packages (2)

Debian/pcsc-litefrom 0, < 1.5.5-4
Debian/pcsc-litefrom 0, < 1.4.102-1+lenny4

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-4531