Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attackers to create a denial of service or execute arbitrary code. Impact Level: Application

Solution

Upgrade to the latest version of Wireshark 1.4.3, For updates refer to http://www.wireshark.org/download

Insight

The flaw is caused by a boundary error in the 'dissect_enttec_dmx_data()' function when processing RLE Compressed DMX data of the ENTTEC protocol which can be exploited to cause a buffer overflow via a specially crafted packet.

Affected

Wireshark version 1.4.2

References

http://osvdb.org/70244
http://secunia.com/advisories/42767
http://www.vupen.com/english/advisories/2011/0079
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4538
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Buffer Overflow Vulnerability (Linux)
A-V Tronics InetServ POP3 Denial Of Service Vulnerability
Adobe Reader/Acrobat Multimedia Doc.media.newPlayer Code Execution Vulnerability (Win)
Adobe Reader '/Registry' and '/Ordering' Buffer Overflow Vulnerability (Win)
Attachmate Reflection FTP Client LIST Command Remote Heap Buffer Overflow Vulnerability

Take action and discover your vulnerabilities