Lucene search

K
cve[email protected]CVE-2010-4300
HistoryNov 26, 2010 - 7:00 p.m.

CVE-2010-4300

2010-11-2619:00:00
CWE-119
web.nvd.nist.gov
26
cve-2010-4300
wireshark
ldss dissector
buffer overflow
denial of service
remote code execution
nvd

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.312 Low

EPSS

Percentile

96.9%

Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in the LDSS dissector in Wireshark 1.2.0 through 1.2.12 and 1.4.0 through 1.4.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an LDSS packet with a long digest line that triggers memory corruption.

References

7.8 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.312 Low

EPSS

Percentile

96.9%

Related for CVE-2010-4300