DescriptionBuffer overflow in the ccid_card_vscard_handle_message function in hw/ccid-card-passthru.c in QEMU before 0.15.2 and 1.x before 1.0-rc4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted VSC_ATR message.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
|National Vulnerability Database|
|Access Vector||Adjacent Network|
SUSE Timeline for this CVECVE page created: Tue Jul 9 19:19:08 2013
CVE page last modified: Fri Oct 7 12:46:10 2022