Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:24238
HistoryApr 10, 2020 - 12:49 a.m.

Arbitrary Code Execution

2020-04-1000:49:55
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

wireshark is vulnerable to arbitrary code execution. The vulnerability exists as multiple buffer overflow flaws were found in the Wireshark SigComp Universal Decompressor Virtual Machine (UDVM) dissector. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Related for VERACODE:24238