CVE Vulnerabilities

CVE-2011-1590

Published: Apr 29, 2011 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
6.8 MODERATE
AV:N/AC:M/Au:N/C:P/I:P/A:P
RedHat/V3
Ubuntu
LOW

The X.509if dissector in Wireshark 1.2.x before 1.2.16 and 1.4.x before 1.4.5 does not properly initialize certain global variables, which allows remote attackers to cause a denial of service (application crash) via a crafted .pcap file.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.2.0 (including) 1.2.0 (including)
Wireshark Wireshark 1.2.1 (including) 1.2.1 (including)
Wireshark Wireshark 1.2.2 (including) 1.2.2 (including)
Wireshark Wireshark 1.2.3 (including) 1.2.3 (including)
Wireshark Wireshark 1.2.4 (including) 1.2.4 (including)
Wireshark Wireshark 1.2.5 (including) 1.2.5 (including)
Wireshark Wireshark 1.2.6 (including) 1.2.6 (including)
Wireshark Wireshark 1.2.7 (including) 1.2.7 (including)
Wireshark Wireshark 1.2.8 (including) 1.2.8 (including)
Wireshark Wireshark 1.2.9 (including) 1.2.9 (including)
Wireshark Wireshark 1.2.10 (including) 1.2.10 (including)
Wireshark Wireshark 1.2.11 (including) 1.2.11 (including)
Wireshark Wireshark 1.2.12 (including) 1.2.12 (including)
Wireshark Wireshark 1.2.13 (including) 1.2.13 (including)
Wireshark Wireshark 1.2.14 (including) 1.2.14 (including)
Wireshark Wireshark 1.2.15 (including) 1.2.15 (including)
Wireshark Wireshark 1.4.0 (including) 1.4.0 (including)
Wireshark Wireshark 1.4.1 (including) 1.4.1 (including)
Wireshark Wireshark 1.4.2 (including) 1.4.2 (including)
Wireshark Wireshark 1.4.3 (including) 1.4.3 (including)
Wireshark Wireshark 1.4.4 (including) 1.4.4 (including)
Red Hat Enterprise Linux 6 RedHat wireshark-0:1.2.15-2.el6_2.1 *
Wireshark Ubuntu hardy *
Wireshark Ubuntu lucid *
Wireshark Ubuntu maverick *
Wireshark Ubuntu upstream *

References