CVE-2009-1603 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 77%

Affected Products (NVD)

Vendor	Product	Version
opensc-project	opensc	0.11.7

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

opensc

bookworm	0.23.0-0.3+deb12u1 fixed
bullseye	0.21.0-1 fixed
etch	not-affected
lenny	not-affected
sid	0.25.1-2 fixed
trixie	0.25.1-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

opensc

dapper	not-affected
hardy	not-affected
intrepid	not-affected
jaunty	not-affected
karmic	ignored
lucid	not-affected
maverick	not-affected
natty	not-affected

Common Weakness Enumeration

CWE-312 - Cleartext Storage of Sensitive Information
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

References

http://secunia.com/advisories/35035

http://secunia.com/advisories/35293

http://secunia.com/advisories/35309

http://secunia.com/advisories/36074

http://security.gentoo.org/glsa/glsa-200908-01.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:123

http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

http://www.openwall.com/lists/oss-security/2009/05/08/1

http://www.vupen.com/english/advisories/2009/1295

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00095.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00097.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01420.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01432.html

http://secunia.com/advisories/35035

http://secunia.com/advisories/35293

http://secunia.com/advisories/35309

http://secunia.com/advisories/36074

http://security.gentoo.org/glsa/glsa-200908-01.xml

http://www.mandriva.com/security/advisories?name=MDVSA-2009:123

http://www.opensc-project.org/pipermail/opensc-announce/2009-May/000025.html

http://www.openwall.com/lists/oss-security/2009/05/08/1

http://www.vupen.com/english/advisories/2009/1295

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00095.html

https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00097.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01420.html

https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01432.html