| ID |
CVE-2010-4530
|
| Summary |
Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow. |
| References |
|
| Vulnerable Configurations |
|
| CVSS |
| Base: | 4.4 (as of 13-02-2023 - 03:20) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-189 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
MEDIUM |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:L/AC:M/Au:N/C:P/I:P/A:P
|
| redhat
via4
|
| advisories | | bugzilla | | id | 664986 | | title | CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 6 is installed | | oval | oval:com.redhat.rhba:tst:20111656003 |
| comment | ccid is earlier than 0:1.3.9-6.el6 | | oval | oval:com.redhat.rhsa:tst:20130523001 |
| comment | ccid is signed with Red Hat redhatrelease2 key | | oval | oval:com.redhat.rhsa:tst:20130523002 |
|
|
| | rhsa | | id | RHSA-2013:0523 | | released | 2013-02-20 | | severity | Low | | title | RHSA-2013:0523: ccid security and bug fix update (Low) |
|
| bugzilla | | id | 664986 | | title | CVE-2010-4530 CCID: Integer overflow, leading to array index error when processing crafted serial number of certain cards |
| | oval | | OR | | comment | Red Hat Enterprise Linux must be installed | | oval | oval:com.redhat.rhba:tst:20070304026 |
| AND | | comment | Red Hat Enterprise Linux 5 is installed | | oval | oval:com.redhat.rhba:tst:20070331005 |
| comment | ccid is earlier than 0:1.3.8-2.el5 | | oval | oval:com.redhat.rhsa:tst:20131323001 |
| comment | ccid is signed with Red Hat redhatrelease key | | oval | oval:com.redhat.rhsa:tst:20131323002 |
|
|
| | rhsa | | id | RHSA-2013:1323 | | released | 2013-09-30 | | severity | Low | | title | RHSA-2013:1323: ccid security and bug fix update (Low) |
|
| | rpms | - ccid-0:1.3.9-6.el6
- ccid-debuginfo-0:1.3.9-6.el6
- ccid-0:1.3.8-2.el5
- ccid-debuginfo-0:1.3.8-2.el5
|
|
| refmap
via4
|
| bid | 45806 | | confirm | | | fedora | - FEDORA-2011-0143
- FEDORA-2011-0162
| | mandriva | MDVSA-2011:014 | | misc | http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-libccid-buffer-overflow_2010-12-13.pdf | | mlist | - [oss-security] 20101222 CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
- [oss-security] 20110103 Re: CVE Request -- 1, ccid -- int.overflow leading to array index error 2, pcsc-lite stack-based buffer overflow in ATR decoder [was: CVE request: opensc buffer overflow ]
| | vupen | - ADV-2011-0100
- ADV-2011-0179
| | xf | pcsclite-ccid-code-execution(64961) |
|
| Last major update |
13-02-2023 - 03:20 |
| Published |
18-01-2011 - 18:03 |
| Last modified |
13-02-2023 - 03:20 |
