CVE-2010-1455
NONE EPSS 74.5%
Published May 12, 201016y ago · Modified Jun 16, 20262w ago
Published May 12, 2010 16y ago
Last Modified Jun 16, 2026 2w ago
Description
The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.
Threat Intelligence
EPSS Exploit Probability
74.5% percentile
Exploit & Patch Status
No Known Exploit
Patch Available
Weaknesses 1
CWE-20 Improper Input Validation Validation
Affected Products 35
| Vendor | Product | Version | Range |
|---|---|---|---|
| ethereal_group | ethereal | 0.9.6 | any |
| ethereal_group | ethereal | 0.9.7 | any |
| ethereal_group | ethereal | 0.9.8 | any |
| ethereal_group | ethereal | 0.99.0 | any |
| wireshark | wireshark | 0.9.6 | any |
| wireshark | wireshark | 0.99.0 | any |
| wireshark | wireshark | 0.99.1 | any |
| wireshark | wireshark | 0.99.2 | any |
| wireshark | wireshark | 0.99.3 | any |
| wireshark | wireshark | 0.99.4 | any |
| wireshark | wireshark | 0.99.5 | any |
| wireshark | wireshark | 0.99.6 | any |
| wireshark | wireshark | 0.99.7 | any |
| wireshark | wireshark | 0.99.8 | any |
| wireshark | wireshark | 1.0.0 | any |
| wireshark | wireshark | 1.0.1 | any |
| wireshark | wireshark | 1.0.2 | any |
| wireshark | wireshark | 1.0.3 | any |
| wireshark | wireshark | 1.0.4 | any |
| wireshark | wireshark | 1.0.5 | any |
| wireshark | wireshark | 1.0.6 | any |
| wireshark | wireshark | 1.0.7 | any |
| wireshark | wireshark | 1.0.8 | any |
| wireshark | wireshark | 1.0.9 | any |
| wireshark | wireshark | 1.0.10 | any |
| wireshark | wireshark | 1.0.11 | any |
| wireshark | wireshark | 1.0.12 | any |
| wireshark | wireshark | 1.2.0 | any |
| wireshark | wireshark | 1.2.1 | any |
| wireshark | wireshark | 1.2.2 | any |
| wireshark | wireshark | 1.2.3 | any |
| wireshark | wireshark | 1.2.4 | any |
| wireshark | wireshark | 1.2.5 | any |
| wireshark | wireshark | 1.2.6 | any |
| wireshark | wireshark | 1.2.7 | any |
References 18
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
- lists.opensuse.org http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
- secunia.com http://secunia.com/advisories/39661
- secunia.com http://secunia.com/advisories/42877
- secunia.com http://secunia.com/advisories/43068
- mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2010:099
- openwall.com http://www.openwall.com/lists/oss-security/2010/05/07/7
- osvdb.org http://www.osvdb.org/64363
- securityfocus.com http://www.securityfocus.com/bid/39950
- vupen.com http://www.vupen.com/english/advisories/2010/1081
- vupen.com http://www.vupen.com/english/advisories/2011/0076
- vupen.com http://www.vupen.com/english/advisories/2011/0212
- wireshark.org http://www.wireshark.org/security/wnpa-sec-2010-03.html
- wireshark.org http://www.wireshark.org/security/wnpa-sec-2010-04.html
- bugs.wireshark.org https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4644
- bugs.wireshark.org https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4646
- exchange.xforce.ibmcloud.com https://exchange.xforce.ibmcloud.com/vulnerabilities/58362
- oval.cisecurity.org https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7331
Remediation
- vupen.com http://www.vupen.com/english/advisories/2010/1081