First published: Thu Jun 10 2010(Updated: )
Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MUSCLE PCSC-Lite | =1.2.9-beta7 | |
MUSCLE PCSC-Lite | =1.4.3 | |
MUSCLE PCSC-Lite | =1.2.0-rc2 | |
MUSCLE PCSC-Lite | =1.3.1 | |
MUSCLE PCSC-Lite | =1.2.9-beta6 | |
MUSCLE PCSC-Lite | =1.2.9-beta1 | |
MUSCLE PCSC-Lite | =1.1.2-beta5 | |
MUSCLE PCSC-Lite | =1.2.9-beta8 | |
MUSCLE PCSC-Lite | =1.2.9-beta2 | |
MUSCLE PCSC-Lite | =1.2.9-beta5 | |
MUSCLE PCSC-Lite | =1.5.1 | |
MUSCLE PCSC-Lite | =1.1.2-beta3 | |
MUSCLE PCSC-Lite | =1.3.2 | |
MUSCLE PCSC-Lite | =1.4.102 | |
MUSCLE PCSC-Lite | =1.4.100 | |
MUSCLE PCSC-Lite | =1.2.9-beta10 | |
MUSCLE PCSC-Lite | =1.4.1 | |
MUSCLE PCSC-Lite | =1.3.0 | |
MUSCLE PCSC-Lite | =1.4.101 | |
MUSCLE PCSC-Lite | =1.4.0 | |
MUSCLE PCSC-Lite | =1.2.9-beta3 | |
MUSCLE PCSC-Lite | =1.2.0-rc3 | |
MUSCLE PCSC-Lite | =1.2.0 | |
MUSCLE PCSC-Lite | =1.4.2 | |
MUSCLE PCSC-Lite | =1.1.2-beta2 | |
MUSCLE PCSC-Lite | <=1.5.3 | |
MUSCLE PCSC-Lite | =1.4.99 | |
MUSCLE PCSC-Lite | =1.2.9-beta9 | |
MUSCLE PCSC-Lite | =1.3.3 | |
MUSCLE PCSC-Lite | =1.2.0-rc1 | |
MUSCLE PCSC-Lite | =1.4.4 | |
MUSCLE PCSC-Lite | =1.2.9-beta4 | |
MUSCLE PCSC-Lite | =1.5.0 | |
MUSCLE PCSC-Lite | =1.5.2 | |
MUSCLE PCSC-Lite | =1.1.2-beta4 | |
redhat/pcsc-lite | <0:1.3.3-3.el4 | 0:1.3.3-3.el4 |
redhat/rhpki-ca | <0:7.3.0-20.el4 | 0:7.3.0-20.el4 |
redhat/rhpki-java-tools | <0:7.3.0-10.el4 | 0:7.3.0-10.el4 |
redhat/rhpki-kra | <0:7.3.0-14.el4 | 0:7.3.0-14.el4 |
redhat/rhpki-manage | <0:7.3.0-19.el4 | 0:7.3.0-19.el4 |
redhat/rhpki-native-tools | <0:7.3.0-6.el4 | 0:7.3.0-6.el4 |
redhat/rhpki-ocsp | <0:7.3.0-13.el4 | 0:7.3.0-13.el4 |
redhat/rhpki-tks | <0:7.3.0-13.el4 | 0:7.3.0-13.el4 |
redhat/pcsc-lite | <0:1.4.4-4.el5_5 | 0:1.4.4-4.el5_5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.