Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.

Metrics

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00043.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Muscle
  • Pcsc-lite
Redhat
  • Certificate System
  • Enterprise Linux

Configuration 1 [-]

OR cpe:2.3:a:muscle:pcsc-lite:*:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta2:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta3:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta4:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.1.2:beta5:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc1:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc2:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.0:rc3:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta1:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta10:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta2:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta3:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta4:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta5:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta6:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta7:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta8:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.2.9:beta9:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.3.0:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.3.3:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.99:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.100:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.101:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.4.102:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.5.0:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.5.1:*:*:*:*:*:*:*
cpe:2.3:a:muscle:pcsc-lite:1.5.2:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Certificate System 7.3
ant-0:1.6.5-1jpp_1rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
avalon-logkit-0:1.2-2jpp_4rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
axis-0:1.2.1-1jpp_3rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
classpathx-jaf-0:1.0-2jpp_6rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
classpathx-mail-0:1.1.1-2jpp_8rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
geronimo-specs-0:1.0-0.M4.1jpp_10rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
jakarta-commons-modeler-0:2.0-3jpp_2rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
log4j-0:1.2.12-1jpp_1rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
mx4j-1:3.0.1-1jpp_4rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
pcsc-lite-0:1.3.3-3.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-ca-0:7.3.0-20.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-java-tools-0:7.3.0-10.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-kra-0:7.3.0-14.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-manage-0:7.3.0-19.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-native-tools-0:7.3.0-6.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-ocsp-0:7.3.0-13.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
rhpki-tks-0:7.3.0-13.el4 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
tomcat5-0:5.5.23-0jpp_4rh.16 cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
xerces-j2-0:2.7.1-1jpp_1rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
xml-commons-0:1.3.02-2jpp_1rh cpe:/a:redhat:certificate_system:7.3 RHSA-2010:0602 2010-08-04T00:00:00Z
Red Hat Enterprise Linux 5
pcsc-lite-0:1.4.4-4.el5_5 cpe:/o:redhat:enterprise_linux:5 RHSA-2010:0533 2010-07-14T00:00:00Z

No data.

Advisories
Source ID Title
Debian DSA Debian DSA DSA-2059-1 New pcsc-lite packages fix privilege escalation
Debian DSA Debian DSA DSA-2059-2 New pcsc-lite packages fix regression
EUVD EUVD EUVD-2010-0438 Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
Ubuntu USN Ubuntu USN USN-969-1 PCSC-Lite vulnerability
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044124.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042900.html cve-icon cve-icon
http://lists.fedoraproject.org/pipermail/package-announce/2010-June/042921.html cve-icon cve-icon
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html cve-icon cve-icon
http://secunia.com/advisories/40140 cve-icon cve-icon
http://secunia.com/advisories/40239 cve-icon cve-icon
http://svn.debian.org/wsvn/pcsclite/?sc=1&rev=4208 cve-icon cve-icon
http://www.debian.org/security/2010/dsa-2059 cve-icon cve-icon
http://www.securityfocus.com/bid/40758 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/1427 cve-icon cve-icon
http://www.vupen.com/english/advisories/2010/1508 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=596426 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2010-0407 cve-icon
https://www.cve.org/CVERecord?id=CVE-2010-0407 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-07T00:45:12.239Z

Reserved: 2010-01-27T00:00:00

Link: CVE-2010-0407

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Deferred

Published: 2010-06-18T16:30:01.343

Modified: 2025-04-11T00:51:21.963

Link: CVE-2010-0407

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-06-10T00:00:00Z

Links: CVE-2010-0407 - Bugzilla

cve-icon OpenCVE Enrichment

No data.