CVE-2010-2284
HIGH severity · CVSS 8.3 · Memory corruption
8.3CVSS HIGH
Summary
Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.
Impact & exploitability
Attack vectorAdjacent
Attack complexityLow
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)1%
AV:A/AC:L/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://secunia.com/advisories/40112Advisory
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
- http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- http://secunia.com/advisories/42877
- http://secunia.com/advisories/43068
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
- http://www.mandriva.com/security/advisories?name=MDVSA-2010:144
- http://www.openwall.com/lists/oss-security/2010/06/11/1