Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-3483

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-3483
Last Modified 13 Aug 2012 11:30:16
Published 20 Sep 2011 06:55:05
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-3483

Summary

Wireshark 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (application crash) via a malformed capture file that leads to an invalid root tvbuff, related to a "buffer exception handling vulnerability."

Vulnerable Systems

Application

  • Wireshark 1.6.0

  • Wireshark 1.6.1


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=737785

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6135

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2011-14.html

MLIST - [oss-security] 20110914 Re: CVE Request: Multiple issues fixed in wireshark 1.6.2

MLIST - [oss-security] 20110913 CVE Request: Multiple issues fixed in wireshark 1.6.2

MANDRIVA - MDVSA-2011:138

Related Patches

Novell SUSE 2011:5281 wireshark security update for SLE 11 SP1 i586

Novell SUSE 2011:7796 wireshark security update for SLE 10 SP4 i586


Last Updated: 27 May 2016 10:57:42