Vulnerability Details : CVE-2014-2299
Public exploit exists!
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large record in MPEG data.
Vulnerability category: OverflowExecute codeDenial of service
Products affected by CVE-2014-2299
- cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.8.12:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-2299
95.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2014-2299
-
Wireshark wiretap/mpeg.c Stack Buffer Overflow
Disclosure Date: 2014-03-20First seen: 2020-04-26exploit/windows/fileformat/wireshark_mpeg_overflowThis module triggers a stack buffer overflow in Wireshark <= 1.8.12/1.10.5 by generating a malicious file. Authors: - Wesley Neelen - j0sm1
CVSS scores for CVE-2014-2299
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2014-2299
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-2299
-
http://rhn.redhat.com/errata/RHSA-2014-0342.html
RHSA-2014:0342 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/66066
Wireshark MPEG File Parser 'wiretap/mpeg.c' Buffer Overflow Vulnerability
-
http://www.debian.org/security/2014/dsa-2871
Debian -- Security Information -- DSA-2871-1 wireshark
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9843
9843 – MPEG file parser buffer overflow
-
http://www.securitytracker.com/id/1029907
Wireshark NFS/M3UA/RLC Dissector Bugs Let Remote Users Deny Service and MPEG Buffer Overflow Lets Remote Users Execute Arbitrary Code - SecurityTracker
-
http://rhn.redhat.com/errata/RHSA-2014-0341.html
RHSA-2014:0341 - Security Advisory - Red Hat Customer Portal
-
http://www.wireshark.org/security/wnpa-sec-2014-04.html
Wireshark · wnpa-sec-2014-04 · MPEG file parser buffer overflowVendor Advisory
-
http://lists.opensuse.org/opensuse-updates/2014-03/msg00047.html
openSUSE-SU-2014:0383-1: moderate: wireshark to 1.8.13
-
http://packetstormsecurity.com/files/126337/Wireshark-1.8.12-1.10.5-wiretap-mpeg.c-Stack-Buffer-Overflow.html
Wireshark 1.8.12/1.10.5 wiretap/mpeg.c Stack Buffer Overflow ≈ Packet Storm
-
http://www.exploit-db.com/exploits/33069
Wireshark 1.8.12/1.10.5 - wiretap/mpeg.c Stack Buffer Overflow (Metasploit) - Windows local Exploit
-
http://lists.opensuse.org/opensuse-updates/2014-03/msg00046.html
openSUSE-SU-2014:0382-1: moderate: wireshark to 1.8.13/1.10.6
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f567435ac7140c96a5de56dbce3d5e7659af4d09
code.wireshark Code Review - wireshark.git/commitPatch
Jump to