Vulnerability Details : CVE-2011-3483
Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."
Vulnerability category: Overflow, Denial of service
Products affected by CVE-2011-3483
- cpe:2.3:a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2011-3483
- 1.45%: Probability of exploitation activity in the next 30 days
- ~ 86%: Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2011-3483
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3 | MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P | 8.6 | 2.9 | NIST | |
CWE ids for CVE-2011-3483
- The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data. Assigned by: nvd@nist.gov (Primary)
References for CVE-2011-3483
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14971
  Repository / Oval Repository
- http://www.openwall.com/lists/oss-security/2011/09/13/1
  oss-security - CVE Request: Multiple issues fixed in wireshark 1.6.2
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:138
  mandriva.com
- http://www.openwall.com/lists/oss-security/2011/09/14/9
  oss-security - Re: CVE Request: Multiple issues fixed in wireshark 1.6.2
- https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6135
  6135 – [MSVR-11-0076] Vulnerability Report - Wireshark Uninitialized Variable Vulnerability
- http://www.wireshark.org/security/wnpa-sec-2011-14.html
  Wireshark · wnpa-sec-2011-14 · Wireshark buffer exception handling vulnerability
- http://www.openwall.com/lists/oss-security/2011/09/14/5
  oss-security - Re: CVE Request: Multiple issues fixed in wireshark 1.6.2
- https://bugzilla.redhat.com/show_bug.cgi?id=737785
  737785 – (CVE-2011-3483) CVE-2011-3483 Wireshark: buffer exception handling vulnerability
- http://www.openwall.com/lists/oss-security/2011/09/14/10
  oss-security - Re: CVE Request: Multiple issues fixed in wireshark 1.6.2