1
PublicDateAtUSN: 2011-01-18
2
Candidate: CVE-2010-4531
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4531
6
http://labs.mwrinfosecurity.com/files/Advisories/mwri_pcsc-atr-handler-buffer-overflow_2010-12-13.pdf
7
https://usn.ubuntu.com/usn/usn-1125-1
9
Stack-based buffer overflow in the ATRDecodeAtr function in the
10
Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3,
11
and possibly other 1.5.x and 1.6.x versions, allows physically proximate
12
attackers to cause a denial of service (crash) and possibly execute
13
arbitrary code via a smart card with an ATR message containing a long
18
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607781
19
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4531
21
Discovered-by: Rafael Dominguez Vega
25
upstream: http://lists.alioth.debian.org/pipermail/pcsclite-cvs-commit/2010-November/004923.html
26
upstream_pcsc-lite: needs-triage
27
dapper_pcsc-lite: ignored (reached end-of-life)
28
hardy_pcsc-lite: ignored (reached end-of-life)
29
karmic_pcsc-lite: released (1.5.3-1ubuntu1.2)
30
lucid_pcsc-lite: released (1.5.3-1ubuntu4.2)
31
maverick_pcsc-lite: released (1.5.5-3ubuntu2.1)
32
natty_pcsc-lite: not-affected (1.7.0-2ubuntu2)
33
oneiric_pcsc-lite: not-affected (1.7.0-2ubuntu2)
34
devel_pcsc-lite: not-affected (1.7.0-2ubuntu2)