ID CVE-2010-4530
Summary Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.
References
Vulnerable Configurations
  • cpe:2.3:a:muscle:pcsc-lite:1.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:muscle:pcsc-lite:1.5.3:*:*:*:*:*:*:*
CVSS
Base: 4.4 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
LOCAL MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:M/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • bugzilla
    id 664986
    title CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards
    oval
    AND
    • comment ccid is earlier than 0:1.3.9-6.el6
      oval oval:com.redhat.rhsa:tst:20130523005
    • comment ccid is signed with Red Hat redhatrelease2 key
      oval oval:com.redhat.rhsa:tst:20130523006
    • OR
      • comment Red Hat Enterprise Linux 6 Client is installed
        oval oval:com.redhat.rhba:tst:20111656001
      • comment Red Hat Enterprise Linux 6 Server is installed
        oval oval:com.redhat.rhba:tst:20111656002
      • comment Red Hat Enterprise Linux 6 Workstation is installed
        oval oval:com.redhat.rhba:tst:20111656003
      • comment Red Hat Enterprise Linux 6 ComputeNode is installed
        oval oval:com.redhat.rhba:tst:20111656004
    rhsa
    id RHSA-2013:0523
    released 2013-02-21
    severity Low
    title RHSA-2013:0523: ccid security and bug fix update (Low)
  • bugzilla
    id 664986
    title CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards
    oval
    AND
    • comment Red Hat Enterprise Linux 5 is installed
      oval oval:com.redhat.rhba:tst:20070331001
    • comment ccid is earlier than 0:1.3.8-2.el5
      oval oval:com.redhat.rhsa:tst:20131323002
    • comment ccid is signed with Red Hat redhatrelease key
      oval oval:com.redhat.rhsa:tst:20131323003
    rhsa
    id RHSA-2013:1323
    released 2013-09-30
    severity Low
    title RHSA-2013:1323: ccid security and bug fix update (Low)
rpms
  • ccid-0:1.3.9-6.el6
  • ccid-0:1.3.8-2.el5
refmap via4
bid 45806
confirm
fedora
  • FEDORA-2011-0143
  • FEDORA-2011-0162
mandriva MDVSA-2011:014
misc http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-libccid-buffer-overflow_2010-12-13.pdf
mlist
  • [oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
  • [oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
vupen
  • ADV-2011-0100
  • ADV-2011-0179
xf pcsclite-ccid-code-execution(64961)
Last major update 17-08-2017 - 01:33
Published 18-01-2011 - 18:03
Back to Top