HID ActivID ActivClient 7.1.0.202 Heap Spray / Denial Of Service
Posted on 27 October 2018
HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly.