PT-2010-4467 · Wireshark · Wireshark

Published

2010-08-13

Updated

2017-09-19

CVE-2010-2994

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Wireshark versions 0.10.13 through 1.0.14 Wireshark versions 1.2.0 through 1.2.9

Description A stack-based buffer overflow issue exists in the ASN.1 BER dissector of Wireshark, allowing for remote attack vectors. The impact of this issue is unknown. It is noted that this issue is a result of a regression.

Recommendations For Wireshark versions 0.10.13 through 1.0.14, update to a version outside of this range to resolve the issue. For Wireshark versions 1.2.0 through 1.2.9, update to a version outside of this range to resolve the issue. As a temporary workaround, consider disabling the ASN.1 BER dissector until a patch is available.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2010-2994

DSA-2101-1

Affected Products

Wireshark

PT-2010-4467 · Wireshark · Wireshark

CVE-2010-2994

Weakness Enumeration

Related Identifiers

Affected Products

References · 12