3.3
CVE-2008-3934
- EPSS 0.62%
- Veröffentlicht 04.09.2008 19:41:00
- Zuletzt bearbeitet 16.06.2026 22:56:50
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Wireshark (formerly Ethereal) 0.99.6 through 1.0.2 allows attackers to cause a denial of service (crash) via a crafted Tektronix .rf5 file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.62% | 0.451 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.3 | 6.5 | 2.9 |
AV:A/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/32091
http://support.avaya.com/elmodocs2/security/ASA-2008-392.htm
http://www.redhat.com/support/errata/RHSA-2008-0890.html
http://www.vupen.com/english/advisories/2008/2773
http://secunia.com/advisories/31864
http://secunia.com/advisories/31886
http://secunia.com/advisories/32028
http://security.gentoo.org/glsa/glsa-200809-17.xml
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0278
http://www.mandriva.com/security/advisories?name=MDVSA-2008:199
http://www.securityfocus.com/archive/1/496487/100/0/threaded
http://www.securitytracker.com/id?1020819
http://www.wireshark.org/security/wnpa-sec-2008-05.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.html
https://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html
http://www.vupen.com/english/advisories/2008/2493
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15087
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9920