Your submission was sent successfully! Close

CVE-2010-0407

Published: 18 June 2010

Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.

Priority

Medium

Status

Package Release Status
pcsc-lite
Launchpad, Ubuntu, Debian
Upstream
Released (1.5.5)
Patches:
Vendor: http://www.debian.org/security/2010/dsa-2059
Vendor: http://lwn.net/Articles/394855/ (regression fix for above)