Summary
This host is installed with Wireshark and is prone to code execution vulnerability.
Impact
Successful exploitation will allow the attacker to execute arbitrary Lua script in the context of the affected application.
Impact Level: System/Application
Solution
Upgrade to the Wireshark version 1.4.9, 1.6.2 or later, For updates refer to http://www.wireshark.org/download
Insight
The flaw is due to an unspecified error related to Lua scripts, which allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
Affected
Wireshark versions 1.4.x before 1.4.9 and 1.6.x before 1.6.2.
References
Severity
Classification
-
CVE CVE-2011-3360 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Mac OS X)
- Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)
- Adobe Captivate Insecure Library Loading Vulnerability
- Adobe Acrobat Multiple Unspecified Vulnerabilities-01 Sep13 (Windows)
- Adobe Acrobat Multiple Unspecified Vulnerabilities - Windows