Published: 29/04/2011 Updated: 13/02/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

The X.509if dissector in Wireshark 1.2.x prior to 1.2.16 and 1.4.x prior to 1.4.5 does not properly initialize certain global variables, which allows remote malicious users to cause a denial of service (application crash) via a crafted .pcap file.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 1.4.2
wireshark wireshark 1.2.7
wireshark wireshark 1.4.0
wireshark wireshark 1.2.11
wireshark wireshark 1.2.10
wireshark wireshark 1.2.6
wireshark wireshark 1.2.8
wireshark wireshark 1.2.0
wireshark wireshark 1.2.15
wireshark wireshark 1.2.14
wireshark wireshark 1.2.3
wireshark wireshark 1.2.12
wireshark wireshark 1.4.4
wireshark wireshark 1.2.13
wireshark wireshark 1.2.5
wireshark wireshark 1.2.1
wireshark wireshark 1.2.4
wireshark wireshark 1.4.3
wireshark wireshark 1.2.9
wireshark wireshark 1.2.2
wireshark wireshark 1.4.1

Synopsis Moderate: wireshark security update Type/Severity Security Advisory: Moderate Topic Updated wireshark packages that fix several security issues are nowavailable for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact Common Vulnerab ...

Debian Bug report logs - #630159 wireshark: multiple security issues Package: wireshark; Maintainer for wireshark is Balint Reczey <rbalint@ubuntucom>; Source for wireshark is src:wireshark (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Sat, 11 Jun 2011 16:39:01 UTC Severity: grave Tags: secu ...

Several flaws were found in Wireshark If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code as the user running Wireshark Several denial of service flaws were found in Wireshark Wireshark could crash or stop responding if it read a malformed packet off a network, o ...

CWE-399 http://www.wireshark.org/security/wnpa-sec-2011-05.html http://openwall.com/lists/oss-security/2011/04/18/8 http://www.wireshark.org/security/wnpa-sec-2011-06.html http://www.vupen.com/english/advisories/2011/1022 http://secunia.com/advisories/44172 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5754 http://openwall.com/lists/oss-security/2011/04/18/2 http://securitytracker.com/id?1025388 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5793 http://anonsvn.wireshark.org/viewvc?revision=36608&view=revision http://www.osvdb.org/71846 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html http://secunia.com/advisories/44374 http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html http://www.vupen.com/english/advisories/2011/1106 http://secunia.com/advisories/45149 http://secunia.com/advisories/44822 https://hermes.opensuse.org/messages/8701428 http://www.debian.org/security/2011/dsa-2274 http://www.mandriva.com/security/advisories?name=MDVSA-2011:083 http://secunia.com/advisories/48947 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15050 https://access.redhat.com/errata/RHSA-2012:0509 https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2012-71.html

CVE-2011-1590

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect