Stack-based Buffer Overflow in libopensc: Arbitrary Code Execution via Long Serial-Number Field on Smart Card

Stack-based Buffer Overflow in libopensc: Arbitrary Code Execution via Long Serial-Number Field on Smart Card

CVE-2010-4523 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.

Learn more about our Physical Security Assessment.