CVE-2009-1603

Name of the Vulnerable Software and Affected Versions OpenSC versions prior to 0.11.8

Description The issue allows attackers to read the cleartext form of messages that were intended to be encrypted due to incorrect public exponents in generated RSA keys. Exploitation of the vulnerabilities can lead to a breach of confidentiality and can be performed remotely.

Recommendations For OpenSC versions prior to 0.11.8, update to version 0.11.8 or later to resolve the issue. As a temporary workaround, consider avoiding the use of RSA keys generated with affected versions of OpenSC until a patch is applied. Restrict access to sensitive information to minimize the risk of exploitation.