CVEs-PoC/2010/CVE-2010-4523.md

### [CVE-2010-4523](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4523)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%20n%2Fa%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.

### POC

#### Reference
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=607427
- http://www.h-online.com/open/news/item/When-a-smart-card-can-root-your-computer-1154829.html

#### Github
No PoCs found on GitHub currently.