CVE-2011-3360

2011-09-2010:55:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

126

cve-2011-3360

wireshark

vulnerability

privileges

lua script

nvd

6.1 Medium

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

JSON

Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.

CPENameOperatorVersion
wireshark:wiresharkwiresharkeq1.4.7
wireshark:wiresharkwiresharkeq1.4.2
wireshark:wiresharkwiresharkeq1.4.0
wireshark:wiresharkwiresharkeq1.4.5
wireshark:wiresharkwiresharkeq1.4.4
wireshark:wiresharkwiresharkeq1.4.6
wireshark:wiresharkwiresharkeq1.4.3
wireshark:wiresharkwiresharkeq1.4.1
wireshark:wiresharkwiresharkeq1.4.8
wireshark:wiresharkwiresharkeq1.6.0

CPE	Name	Operator	Version
wireshark:wireshark	wireshark	eq	1.4.7
wireshark:wireshark	wireshark	eq	1.4.2
wireshark:wireshark	wireshark	eq	1.4.0
wireshark:wireshark	wireshark	eq	1.4.5
wireshark:wireshark	wireshark	eq	1.4.4
wireshark:wireshark	wireshark	eq	1.4.6
wireshark:wireshark	wireshark	eq	1.4.3
wireshark:wireshark	wireshark	eq	1.4.1
wireshark:wireshark	wireshark	eq	1.4.8
wireshark:wireshark	wireshark	eq	1.6.0