漏洞标题
Opensc: 超出范围读取在我的eid驱动程序处理使用对称密钥的加密
漏洞描述信息
Opensc:在处理使用对称密钥的加密时,myeid驱动程序存在越界读取问题
CVSS信息
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
漏洞类别
跨界内存读
漏洞标题
Opensc: out-of-bounds read in myeid driver handling encryption using symmetric keys
漏洞描述信息
An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key encryption. Exploiting this flaw requires an attacker to have physical access to the computer and a specially crafted USB device or smart card. This flaw allows the attacker to manipulate APDU responses and potentially gain unauthorized access to sensitive data, compromising the system's security.
CVSS信息
CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L
漏洞类别
跨界内存读
漏洞标题
OpenSC 安全漏洞
漏洞描述信息
OpenSC是一款开源的智能卡工具和中间件。 OpenSC存在安全漏洞,该漏洞源于存在越界读取漏洞,允许攻击者操纵APDU响应,并可能获得对敏感数据的未经授权访问,从而损害系统的安全。
CVSS信息
N/A
漏洞类别
其他