10
CVE-2008-3146
- EPSS 4.04%
- Veröffentlicht 02.09.2008 14:24:00
- Zuletzt bearbeitet 16.06.2026 22:55:14
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 4.04% | 0.893 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
http://secunia.com/advisories/31687
http://secunia.com/advisories/32091
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://www.redhat.com/support/errata/RHSA-2008-0890.html
http://www.vupen.com/english/advisories/2008/2773
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675
http://secunia.com/advisories/31864
http://secunia.com/advisories/31886
http://secunia.com/advisories/32028
http://security.gentoo.org/glsa/glsa-200809-17.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278
http://www.mandriva.com/security/advisories?name=MDVSA-2008:199
http://www.securityfocus.com/archive/1/496487/100/0/threaded
http://www.securitytracker.com/id?1020819
http://www.wireshark.org/security/wnpa-sec-2008-05.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10624
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html