Arbitrary Code Execution

2020-04-1000:54:00

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

wireshark is vulnerable to arbitrary code execution. The vulnerability exists as a heap-based buffer overflow flaw was found in Wireshark. If Wireshark opened a specially-crafted capture file, it could crash or, possibly, execute arbitrary code as the user running Wireshark.

CPENameOperatorVersion
wiresharkeq0.99.5__1.el5
wiresharkeq1.0.11__1.el5_5.5
wiresharkeq1.0.6__2.el5_3
wiresharkeq1.0.8__1.el4_8.1
wiresharkeq1.0.11__1.el4_8.5
wiresharkeq0.99.6__1.el5
wiresharkeq1.0.15__1.el4_8.3
wiresharkeq0.99.7__1.el4
wiresharkeq1.0.8__1.el5_3.1
wiresharkeq1.0.3__4.el5_2

Name	Operator	Version
wireshark	eq	0.99.5__1.el5
wireshark	eq	1.0.11__1.el5_5.5
wireshark	eq	1.0.6__2.el5_3
wireshark	eq	1.0.8__1.el4_8.1
wireshark	eq	1.0.11__1.el4_8.5
wireshark	eq	0.99.6__1.el5
wireshark	eq	1.0.15__1.el4_8.3
wireshark	eq	0.99.7__1.el4
wireshark	eq	1.0.8__1.el5_3.1
wireshark	eq	1.0.3__4.el5_2