OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
BID:58620
CVE-2013-1866 |Info
OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
| Bugtraq ID: | 58620 |
| Class: | Design Error |
| CVE: |
CVE-2013-1866 |
| Remote: | No |
| Local: | Yes |
| Published: | Mar 20 2013 12:00AM |
| Updated: | Mar 20 2013 12:00AM |
| Credit: | Dirk-Willem van Gulik |
| Vulnerable: |
OpenSC OpenSC.tokend 0 |
| Not Vulnerable: | |
Discussion
OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
OpenSC.tokend is prone to a vulnerability that allows attackers to create or overwrite arbitrary files on a vulnerable computer.
An attacker can exploit this issue to create or overwrite arbitrary files on the computer running the affected application. This may aid in further attacks.
OpenSC.tokend is prone to a vulnerability that allows attackers to create or overwrite arbitrary files on a vulnerable computer.
An attacker can exploit this issue to create or overwrite arbitrary files on the computer running the affected application. This may aid in further attacks.
Exploit / POC
OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
An attacker requires physical access to exploit the issue.
An attacker requires physical access to exploit the issue.
Solution / Fix
OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
OpenSC.tokend CVE-2013-1866 Arbitrary File Creation or Overwrite Vulnerability
References:
References:
- CVE-2013-1866: OpenSC.tokend - privacy leak & arbitrary file creation (Full Disclosure)
- OpenSC Homepage (OpenSC)