Upstream information
Description
OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a (1) low level APDU command or (2) debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program.NVD CVSS v2 Base Score: 2.1 (AV:L/AC:L/Au:N/C:P/I:N/A:N)
Novell/SUSE information
Novell Bugzilla entry: 480262, 548555 SUSE Security Advisories:- SUSE-SR:2009:010, published Tue, 12 May 2009 08:00:00 +0000
