Lucene search

K
cve[email protected]CVE-2014-6431
HistorySep 20, 2014 - 10:55 a.m.

CVE-2014-6431

2014-09-2010:55:06
CWE-119
web.nvd.nist.gov
50
cve-2014-6431
buffer overflow
snifferdecompress
wireshark
nvd
dos
remote attackers
denial of service

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%

Buffer overflow in the SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 allows remote attackers to cause a denial of service (application crash) via a crafted file that triggers writes of uncompressed bytes beyond the end of the output buffer.

Affected configurations

NVD
Node
wiresharkwiresharkMatch1.10.0
OR
wiresharkwiresharkMatch1.10.1
OR
wiresharkwiresharkMatch1.10.2
OR
wiresharkwiresharkMatch1.10.3
OR
wiresharkwiresharkMatch1.10.4
OR
wiresharkwiresharkMatch1.10.5
OR
wiresharkwiresharkMatch1.10.6
OR
wiresharkwiresharkMatch1.10.7
OR
wiresharkwiresharkMatch1.10.8
OR
wiresharkwiresharkMatch1.10.9
OR
wiresharkwiresharkMatch1.12.0

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.4 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

72.8%