Debian Security Advisory
DSA-2156-1 pcscd -- buffer overflow
- Date Reported:
- 31 Jan 2011
- Affected Packages:
- pcscd
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2010-4531.
- More information:
-
MWR InfoSecurity identified a buffer overflow in pcscd, middleware to access a smart card via PC/SC, which could lead to the execution of arbitrary code.
For the stable distribution (lenny), this problem has been fixed in version 1.4.102-1+lenny4.
For the testing distribution (squeeze), this problem has been fixed in version 1.5.5-4.
For the unstable distribution (sid), this problem has been fixed in version 1.5.5-4.
We recommend that you upgrade your pcscd packages.