Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3360

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2011-3360
Last Modified 13 Aug 2012 11:30:03
Published 20 Sep 2011 06:55:04
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3360

Summary

Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.

Vulnerable Systems

Application

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4

  • Wireshark 1.4.5

  • Wireshark 1.4.6

  • Wireshark 1.4.7

  • Wireshark 1.4.8

  • Wireshark 1.6.0

  • Wireshark 1.6.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=737784

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6136

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-15.html

MLIST - [oss-security] 20110914 Re: CVE Request: Multiple issues fixed in wireshark 1.6.2

MLIST - [oss-security] 20110913 CVE Request: Multiple issues fixed in wireshark 1.6.2

MANDRIVA - MDVSA-2011:138

DEBIAN - DSA-2324

OSVDB - 75347

Related Patches

Novell SUSE 2011:5281 wireshark security update for SLE 11 SP1 i586

Novell SUSE 2011:7796 wireshark security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:57:42