suse · CVE-2010-0407

Quick triage

Priority: medium Published: 2021-05-30 12:50:19 UTC Updated: 2026-04-18 20:14:39 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2010-0407 severity moderate: SUSE including 51 source package names (libpcsclite1-1.8.10-3.4, libpcsclite1-1.8.10-3.7, …), 89 product×package rows across 39 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (39 product lines)): Fixed 89.

Description:

Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon (aka PCSCD) in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.

cvelogic Threat Intelligence