5
CVE-2009-3549
- EPSS 2.6%
- Veröffentlicht 30.10.2009 20:30:00
- Zuletzt bearbeitet 16.06.2026 23:11:49
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
packet-paltalk.c in the Paltalk dissector in Wireshark 1.2.0 through 1.2.2, on SPARC and certain other platforms, allows remote attackers to cause a denial of service (application crash) via a file that records a malformed packet trace.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.6% | 0.833 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/37175
http://secunia.com/advisories/37409
http://www.securityfocus.com/bid/36846
http://www.vupen.com/english/advisories/2009/3061
http://www.wireshark.org/docs/relnotes/wireshark-1.2.3.html
http://www.wireshark.org/security/wnpa-sec-2009-07.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3689
https://exchange.xforce.ibmcloud.com/vulnerabilities/54016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6391