CVE-2009-3829

EPSS 5.59%
Published 30.10.2009 20:30:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Integer overflow in wiretap/erf.c in Wireshark before 1.2.2 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted erf file, related to an "unsigned integer wrap vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Wireshark ≫ Wireshark Version <= 1.2.1

Wireshark ≫ Wireshark Version0.6

Wireshark ≫ Wireshark Version0.7.9

Wireshark ≫ Wireshark Version0.8.16

Wireshark ≫ Wireshark Version0.8.19

Wireshark ≫ Wireshark Version0.8.20

Wireshark ≫ Wireshark Version0.9.2

Wireshark ≫ Wireshark Version0.9.5

Wireshark ≫ Wireshark Version0.9.6

Wireshark ≫ Wireshark Version0.9.7

Wireshark ≫ Wireshark Version0.9.8

Wireshark ≫ Wireshark Version0.9.10

Wireshark ≫ Wireshark Version0.9.14

Wireshark ≫ Wireshark Version0.10

Wireshark ≫ Wireshark Version0.10.1

Wireshark ≫ Wireshark Version0.10.2

Wireshark ≫ Wireshark Version0.10.3

Wireshark ≫ Wireshark Version0.10.4

Wireshark ≫ Wireshark Version0.10.5

Wireshark ≫ Wireshark Version0.10.6

Wireshark ≫ Wireshark Version0.10.7

Wireshark ≫ Wireshark Version0.10.8

Wireshark ≫ Wireshark Version0.10.9

Wireshark ≫ Wireshark Version0.10.10

Wireshark ≫ Wireshark Version0.10.11

Wireshark ≫ Wireshark Version0.10.12

Wireshark ≫ Wireshark Version0.10.13

Wireshark ≫ Wireshark Version0.10.14

Wireshark ≫ Wireshark Version0.99

Wireshark ≫ Wireshark Version0.99.0

Wireshark ≫ Wireshark Version0.99.1

Wireshark ≫ Wireshark Version0.99.2

Wireshark ≫ Wireshark Version0.99.3

Wireshark ≫ Wireshark Version0.99.4

Wireshark ≫ Wireshark Version0.99.5

Wireshark ≫ Wireshark Version0.99.6

Wireshark ≫ Wireshark Version0.99.6a

Wireshark ≫ Wireshark Version0.99.7

Wireshark ≫ Wireshark Version0.99.8

Wireshark ≫ Wireshark Version0.99.9

Wireshark ≫ Wireshark Version1.0

Wireshark ≫ Wireshark Version1.0.0

Wireshark ≫ Wireshark Version1.0.1

Wireshark ≫ Wireshark Version1.0.2

Wireshark ≫ Wireshark Version1.0.3

Wireshark ≫ Wireshark Version1.0.4

Wireshark ≫ Wireshark Version1.0.5

Wireshark ≫ Wireshark Version1.0.6

Wireshark ≫ Wireshark Version1.0.7

Wireshark ≫ Wireshark Version1.0.8

Wireshark ≫ Wireshark Version1.0.9

Wireshark ≫ Wireshark Version1.2

Wireshark ≫ Wireshark Version1.2.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	5.59%	0.893

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/37477

http://www.debian.org/security/2009/dsa-1942

http://secunia.com/advisories/37409

http://www.wireshark.org/docs/relnotes/wireshark-1.2.2.html

Patch

Vendor Advisory

http://anonsvn.wireshark.org/viewvc/trunk/wiretap/erf.c?view=markup&pathrev=29364

Patch

http://www.kb.cert.org/vuls/id/676492

Patch

US Government Resource

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=3849

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5979

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9945

https://nvd.nist.gov/vuln/detail/CVE-2009-3829

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-3829

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-3829

EUVD