Arbitrary File Creation Overwrite Vulnerability in OpenSC by OpenSC
CVE-2013-1866

6.1MEDIUM

Key Information:

Vendor: Opensc
Status: Opensc.tokend
Vendor: CVE Published:; 30 January 2020

What is CVE-2013-1866?

OpenSC.tokend contains a vulnerability that allows an attacker to create or overwrite files on the system, potentially leading to unauthorized execution of malicious files or data loss. This weakness can be exploited if the application fails to properly validate file paths or user inputs, compromising the integrity and confidentiality of the system. It emphasizes the importance of secure coding practices and regular patching to mitigate such threats.

Affected Version(s)

OpenSC.tokend 2013

References

http://www.securityfocus.com/bid/58620

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/82987

x_refsource_MISC

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 30, 2020
Vulnerability Reserved
Feb 19, 2013

CVE-2013-1866 Data

JSON

Opensc

What is CVE-2013-1866?

Affected Version(s)

References

CVSS V3.1

Timeline