[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

112965

 
 

909

 
 

87888

 
 

136

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML view JSON

CVE-2010-2995Date: (C)2010-08-13   (M)2018-05-10


The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 10.0
Exploit Score: 10.0
Impact Score: 10.0
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: COMPLETE
Integrity: COMPLETE
Availability: COMPLETE
  
Reference:
SECUNIA-42877
SECUNIA-43068
ADV-2011-0076
ADV-2011-0212
SUSE-SR:2011:001
SUSE-SR:2011:002
http://www.wireshark.org/docs/relnotes/wireshark-1.2.10.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4867

CPE    24
cpe:/a:wireshark:wireshark:1.0.12
cpe:/a:wireshark:wireshark:1.0.11
cpe:/a:wireshark:wireshark:1.0.10
cpe:/a:wireshark:wireshark:1.0.2
...
CWE    1
CWE-189
OVAL    10
oval:org.secpod.oval:def:40821
oval:org.secpod.oval:def:600111
oval:org.mitre.oval:def:12049
oval:org.secpod.oval:def:201718
...

© SecPod Technologies