[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

Paid content will be excluded from the download.


Download | Alert*


oval:org.secpod.oval:def:61802
yubico-piv-tool: Command line tool for the YubiKey PIV applet Yubico PIV Tool could be made to crash or run programs as an administrator if it received specially crafted input.

oval:org.secpod.oval:def:705377
yubico-piv-tool: Command line tool for the YubiKey PIV applet Yubico PIV Tool could be made to crash or run programs as an administrator if it received specially crafted input.

oval:org.secpod.oval:def:2000404
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data`: {% highlight c %} if { fprintf; } if { memcpy; out_data += recv_len - 2; *out_len += recv_len - 2; } {% endhighlight %} -- it is cl ...

oval:org.secpod.oval:def:89050901
This update for yubico-piv-tool fixes the following issues: Security issues fixed: - Fixed an buffer overflow and an out of bounds memory read in ykpiv_transfer_data, which could be triggered by a malicious token. - Fixed an buffer overflow and an out of bounds memory read in _ykpiv_fetch_object, w ...

CWE    1
CWE-119
*CVE
CVE-2018-14779

© SecPod Technologies