Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-1959

Опубликовано: 06 июн. 2011
Источник: nvd
CVSS2: 4.3
EPSS Низкий

Описание

The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:wireshark:wireshark:1.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.12:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.13:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.15:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.16:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*

EPSS

Процентиль: 84%
0.0226
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

ubuntu логотип

CVE-2011-1959

ubuntu
около 14 лет назад

The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.

redhat логотип

CVE-2011-1959

redhat
около 14 лет назад

The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.

debian логотип

CVE-2011-1959

debian
около 14 лет назад

The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1 ...

github логотип

GHSA-8qfq-3vq7-6vqq

github
около 3 лет назад

The snoop_read function in wiretap/snoop.c in Wireshark 1.2.x before 1.2.17 and 1.4.x before 1.4.7 does not properly handle certain virtualizable buffers, which allows remote attackers to cause a denial of service (application crash) via a large length value in a snoop file that triggers a stack-based buffer over-read.

oracle-oval логотип

ELSA-2013-0125

oracle-oval
больше 12 лет назад

ELSA-2013-0125: wireshark security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 84%
0.0226
Низкий

4.3 Medium

CVSS2

Дефекты

CWE-119