CVE-2018-14438

2018-07-20T00:29:00
ID CVE-2018-14438
Type cve
Reporter cve@mitre.org
Modified 2018-09-17T13:56:00

Description

In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.