Wireshark ENTTEC DMX Data RLE Buffer Overflow Vulnerability (Win) Network Vulnerability

Summary

This host is installed with Wireshark and is prone to buffer overflow vulnerability.

Impact

Successful exploitation will allow attackers to create a denial of service or execute arbitrary code. Impact Level: Application

Solution

Upgrade to the latest version of Wireshark 1.4.3, For updates refer to http://www.wireshark.org/download

Insight

The flaw is caused by a boundary error in the 'dissect_enttec_dmx_data()' function when processing RLE Compressed DMX data of the ENTTEC protocol which can be exploited to cause a buffer overflow via a specially crafted packet.

Affected

Wireshark version 1.4.2

References

http://osvdb.org/70244
http://secunia.com/advisories/42767
http://www.vupen.com/english/advisories/2011/0079
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4538

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Shockwave Player 3D Model Buffer Overflow Vulnerabilities
Active Perl 'Perl_repeatcpy()' Function Buffer Overflow Vulnerability (Windows)
Adobe Reader 'XFDF' File Buffer Overflow Vulnerability (Windows)
Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Linux)
Cscope putstring Multiple Buffer Overflow vulnerability

Take action and discover your vulnerabilities