CVE-2010-2287
6.5 Medium
AI Score
Confidence
Low
8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.516 Medium
EPSS
Percentile
97.5%
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
References
lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
secunia.com/advisories/40112
secunia.com/advisories/42877
secunia.com/advisories/43068
www.mandriva.com/security/advisories?name=MDVSA-2010:113
www.mandriva.com/security/advisories?name=MDVSA-2010:144
www.openwall.com/lists/oss-security/2010/06/11/1
www.securityfocus.com/bid/40728
www.vupen.com/english/advisories/2010/1418
www.vupen.com/english/advisories/2011/0076
www.vupen.com/english/advisories/2011/0212
www.wireshark.org/security/wnpa-sec-2010-05.html
www.wireshark.org/security/wnpa-sec-2010-06.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836
Related
6.5 Medium
AI Score
Confidence
Low
8.3 High
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:L/Au:N/C:C/I:C/A:C
0.516 Medium
EPSS
Percentile
97.5%