4.3
CVE-2010-1455
- EPSS 1.71%
- Veröffentlicht 12.05.2010 11:46:31
- Zuletzt bearbeitet 16.06.2026 23:18:25
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ethereal Group ≫ Ethereal Version0.9.6
Ethereal Group ≫ Ethereal Version0.9.7
Ethereal Group ≫ Ethereal Version0.9.8
Ethereal Group ≫ Ethereal Version0.99.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.71% | 0.743 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/43068
http://www.vupen.com/english/advisories/2011/0212
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
http://secunia.com/advisories/39661
http://secunia.com/advisories/42877
http://www.mandriva.com/security/advisories?name=MDVSA-2010:099
http://www.openwall.com/lists/oss-security/2010/05/07/7
http://www.osvdb.org/64363
http://www.securityfocus.com/bid/39950
http://www.vupen.com/english/advisories/2010/1081
http://www.vupen.com/english/advisories/2011/0076
http://www.wireshark.org/security/wnpa-sec-2010-03.html
http://www.wireshark.org/security/wnpa-sec-2010-04.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4644
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4646
https://exchange.xforce.ibmcloud.com/vulnerabilities/58362
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7331