CVE-2010-4531

EPSS 0.28%

pcsc-lite - buffer overflow

發布日:2011/1/18修改日:2026/4/28

描述

Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.

受影響套件(2)

Debian/pcsc-litefrom 0, < 1.5.5-4
Debian/pcsc-litefrom 0, < 1.4.102-1+lenny4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-4531