CVE-2008-3972

NONECVSS 0.0

0.0

pkcs15-tool in OpenSC before 0.11.6 does not apply security updates to a smart card unless the card's label matches the "OpenSC" string, which might allow physically proximate attackers to exploit vulnerabilities that the card owner expected were patched, as demonstrated by exploitation of CVE-2008-2235.

🔗 References (14)

cve@mitrehttp://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
cve@mitrehttp://secunia.com/advisories/32099
cve@mitrehttp://secunia.com/advisories/34362
cve@mitrehttp://www.opensc-project.org/pipermail/opensc-announce/2008-August/000021.html
cve@mitrehttp://www.openwall.com/lists/oss-security/2008/09/09/14
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/45045
cve@mitrehttps://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/32099
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/34362
af854a3a-2127-422b-91ae-364da2661108http://www.opensc-project.org/pipermail/opensc-announce/2008-August/000021.html
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2008/09/09/14
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/45045
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-March/msg00686.html

Is Your Infrastructure Affected by CVE-2008-3972?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-3972

📅 Published

🔄 Last Modified

🔗 References (14)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-3972?