OSVDB ID: 79623

Title: Sequoia AVC Advantage Results Cartridge Integrity Validation Failure Malware Injection

Info

Disclosure

Oct 17, 2008

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Sequoia AVC Advantage contains a flaw related to the handling of results cartridges as these are not properly verified once inserted. This may allow an attacker to manipulate election results or ballot definitions by either inserting a fraudulent results cartridge or tricking a pollworkers into inserting one.

Classification

Location: Physical Access Required
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Solution Unknown
Exploit: Exploit Public
Disclosure: Uncoordinated Disclosure

Solution

OSVDB is not aware of a solution for this vulnerability.

Products

Sequoia Voting Systems	AVC Advantage	9.00G
		9.00H

References

Related OSVDB ID: 58082 79619 79620 79621 79622 79624 79625 79626
Other Advisory URL: http://citp.princeton.edu/voting/advantage/appel-expert-report-unredacted.pdf
https://freedom-to-tinker.com/blog/appel/court-permits-release-unredacted-report-avc-advantage
https://freedom-to-tinker.com/blog/appel/report-sequioa-avc-advantage

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/79623

Info

Disclosure

Discovery

Dates

Exploit

Solution

Description

Classification

Solution

Products

Sequoia Voting Systems

AVC Advantage

References

Credit