Summary
This host is installed with Wireshark and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application, crash affected application or to consume excessive CPU resources.
Impact Level: System/Application
Solution
Upgrade to the Wireshark version 1.8.2 or later,
For updates refer to http://www.wireshark.org/download
Insight
The flaws are due to
- An error within the pcap-ng file parser, Ixia IxVeriWave file parser and ERF dissector can be exploited to cause a buffer overflow.
- An error within the MongoDB dissector can be exploited to trigger an infinite loop and consume excessive CPU resources.
Affected
Wireshark 1.8.x before 1.8.2 on Windows
References
- http://secunia.com/advisories/50276/
- http://securitytracker.com/id/1027404
- http://www.wireshark.org/security/wnpa-sec-2012-14.html
- http://www.wireshark.org/security/wnpa-sec-2012-16.html
- http://www.wireshark.org/security/wnpa-sec-2012-24.html
- http://www.wireshark.org/security/wnpa-sec-2012-25.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-4286, CVE-2012-4287, CVE-2012-4294, CVE-2012-4295, CVE-2012-4298 -
CVSS Base Score: 5.8
AV:A/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Linux)
- Apple Safari 'javascript: URI' XSS Vulnerability - Sep09
- Apple Safari Address Bar Spoofing Vulnerability june-10 (Win)
- Apple Safari Multiple Memory Corruption Vulnerabilities-03 Aug14 (Mac OS X)
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)