CVE-2011-1590

Exploit

EPSS 2.47%
Published 29.04.2011 22:55:02
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Affected products Warnungen 0 Metrics 2 CWE 0 References 26

Data is provided by the National Vulnerability Database (NVD)

Wireshark ≫ Wireshark Version1.2.0

Wireshark ≫ Wireshark Version1.2.1

Wireshark ≫ Wireshark Version1.2.2

Wireshark ≫ Wireshark Version1.2.3

Wireshark ≫ Wireshark Version1.2.4

Wireshark ≫ Wireshark Version1.2.5

Wireshark ≫ Wireshark Version1.2.6

Wireshark ≫ Wireshark Version1.2.7

Wireshark ≫ Wireshark Version1.2.8

Wireshark ≫ Wireshark Version1.2.9

Wireshark ≫ Wireshark Version1.2.10

Wireshark ≫ Wireshark Version1.2.11

Wireshark ≫ Wireshark Version1.2.12

Wireshark ≫ Wireshark Version1.2.13

Wireshark ≫ Wireshark Version1.2.14

Wireshark ≫ Wireshark Version1.2.15

Wireshark ≫ Wireshark Version1.4.0

Wireshark ≫ Wireshark Version1.4.1

Wireshark ≫ Wireshark Version1.4.2

Wireshark ≫ Wireshark Version1.4.3

Wireshark ≫ Wireshark Version1.4.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2.47%	0.846

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:N/I:N/A:P

http://secunia.com/advisories/48947

http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision

Patch

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html

http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html

http://openwall.com/lists/oss-security/2011/04/18/2

Patch

Exploit

http://openwall.com/lists/oss-security/2011/04/18/8

Patch

Exploit

http://secunia.com/advisories/44172

Vendor Advisory

http://secunia.com/advisories/44374

http://secunia.com/advisories/44822

http://secunia.com/advisories/45149

http://securitytracker.com/id?1025388

http://www.debian.org/security/2011/dsa-2274

http://www.mandriva.com/security/advisories?name=MDVSA-2011:083

http://www.osvdb.org/71846

http://www.vupen.com/english/advisories/2011/1022

Vendor Advisory

http://www.vupen.com/english/advisories/2011/1106

http://www.wireshark.org/security/wnpa-sec-2011-05.html

http://www.wireshark.org/security/wnpa-sec-2011-06.html

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754

Patch

Exploit

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793

https://hermes.opensuse.org/messages/8701428

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050

https://nvd.nist.gov/vuln/detail/CVE-2011-1590

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2011-1590

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2011-1590

EUVD