OpenSC - "Get Serial Number" Stack-based Buffer Overflow

    Type

  • OpenSC - “Get Serial Number” Stack-based Buffer Overflow

    • Severity

  • High

    • Affected products

  • OpenSC

    • Date

  • 2010-12-13

    • CVE Reference

  • N/A

MWR InfoSecurity identified a vulnerability in OpenSC. The vulnerability can be triggered using a malicious smart card. An attacker could use this vulnerability to execute arbitrary code in the target system. To successfully exploit this vulnerability the attacker will be required to insert a specially crafted smart card in the target system.