wireshark -- multiple vulnerabilities

2009-04-0600:00:00

vuxml.freebsd.org

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.939 High

EPSS

Percentile

99.1%

JSON

Wireshark team reports:

Wireshark 1.0.7 fixes the following vulnerabilities:

The PROFINET dissector was vulnerable to a format
string overflow. (Bug 3382) Versions affected: 0.99.6 to
1.0.6, CVE-2009-1210.
The Check Point High-Availability Protocol (CPHAP)
dissector could crash. (Bug 3269) Versions affected: 0.9.6
to 1.0.6; CVE-2009-1268.
Wireshark could crash while loading a Tektronix .rf5
file. (Bug 3366) Versions affected: 0.99.6 to 1.0.6,
CVE-2009-1269.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchethereal< 1.0.7UNKNOWN
FreeBSDanynoarchethereal-lite< 1.0.7UNKNOWN
FreeBSDanynoarchtethereal< 1.0.7UNKNOWN
FreeBSDanynoarchtethereal-lite< 1.0.7UNKNOWN
FreeBSDanynoarchwireshark< 1.0.7UNKNOWN
FreeBSDanynoarchwireshark-lite< 1.0.7UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	ethereal	< 1.0.7	UNKNOWN
FreeBSD	any	noarch	ethereal-lite	< 1.0.7	UNKNOWN
FreeBSD	any	noarch	tethereal	< 1.0.7	UNKNOWN
FreeBSD	any	noarch	tethereal-lite	< 1.0.7	UNKNOWN
FreeBSD	any	noarch	wireshark	< 1.0.7	UNKNOWN
FreeBSD	any	noarch	wireshark-lite	< 1.0.7	UNKNOWN