Vulnerabilities > Opensc Project > Opensc > 0.11.7

DATE CVE VULNERABILITY TITLE RISK
2011-01-07 CVE-2010-4523 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc-Project Opensc
Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.
local
low complexity
opensc-project CWE-119
7.2
7.2
2009-05-11 CVE-2009-1603 Cleartext Storage of Sensitive Information vulnerability in multiple products
src/tools/pkcs11-tool.c in pkcs11-tool in OpenSC 0.11.7, when used with unspecified third-party PKCS#11 modules, generates RSA keys with incorrect public exponents, which allows attackers to read the cleartext form of messages that were intended to be encrypted.
network
low complexity
opensc-project fedoraproject CWE-312
7.5
7.5