CVE-2009-0368
published 2009-03-02CVE-2009-0368: OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command…
low2.1CVSS 3.1
AVLACLAuNCPINAN
EXPLOIT
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.
Affected
33 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | opensc | < opensc 0.11.7-1 (bookworm) | opensc 0.11.7-1 (bookworm) |
| opensc-project | opensc | <= 0.11.6 | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
| opensc-project | opensc | — | — |
CVSS provenance
nvd2.1LOWAV:L/AC:L/Au:N/C:P/I:N/A:N
osv2.1LOW