Summary
This host is installed with Wireshark and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code in the context of the application, crash affected application or to consume excessive CPU resources.
Impact Level: System/Application
Solution
Upgrade to the Wireshark version 1.8.2 or later,
For updates refer to http://www.wireshark.org/download
Insight
The flaws are due to
- An error within the pcap-ng file parser, Ixia IxVeriWave file parser and ERF dissector can be exploited to cause a buffer overflow.
- An error within the MongoDB dissector can be exploited to trigger an infinite loop and consume excessive CPU resources.
Affected
Wireshark 1.8.x before 1.8.2 on Mac OS X
References
- http://secunia.com/advisories/50276/
- http://securitytracker.com/id/1027404
- http://www.wireshark.org/security/wnpa-sec-2012-14.html
- http://www.wireshark.org/security/wnpa-sec-2012-16.html
- http://www.wireshark.org/security/wnpa-sec-2012-24.html
- http://www.wireshark.org/security/wnpa-sec-2012-25.html
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-4287, CVE-2012-4294, CVE-2012-4295 -
CVSS Base Score: 5.8
AV:A/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Apple Safari 'Webkit' Multiple Vulnerabilities -01 Feb15 (Mac OS X)
- Apple Safari WebKit Information Disclosure Vulnerability (Mac OS X)
- Apple Mac OS X Multiple Vulnerabilities - 02 Jan14
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Linux)
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)