Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

OpenSC Multiple Vulnerabilities-Dec19 (Windows)

Information

Severity

Severity

Medium

Family

Family

General

CVSSv2 Base

CVSSv2 Base

5.0

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

4 years ago

Modified

Modified

4 years ago

Summary

This host is installed with OpenSC and is prone to multiple vulnerabilities.

Insight

Insight

Multiple flaws are due to, - The libopensc/card-setcos.c has an incorrect read operation during parsing of a SETCOS file attribute. - The libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry. - The libopensc/card-cac1.c mishandles buffer limits for CAC certificates.

Affected Software

Affected Software

OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3.

Detection Method

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Solution

Apply the provided patches or update to a newer version.

Common Vulnerabilities and Exposures (CVE)