Summary
This host is installed with Wireshark and is prone to unsigned integer wrap vulnerability.
Impact
Successful remote exploitation will let the attacker execute arbitrary code or cause a Denial of Service.
Impact Level: Application.
Solution
Upgrade to Wireshark 1.2.2
http://www.wireshark.org/download.html
Insight
The flaw exists due to an integer overflow error in 'wiretap/erf.c' when processing an 'erf' file causes Wireshark to allocate a very large buffer.
Affected
Wireshark version prior to 1.2.2 on Windows.
References
Severity
Classification
-
CVE CVE-2009-3829 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Colasoft Capsa Malformed SNMP V1 Packet Remote Denial of Service Vulnerability
- ActFax LPD/LPR Server Denial of Service Vulnerability
- Apache httpd Web Server Range Header Denial of Service Vulnerability
- Apple Safari DoS or XSS Vulnerability - July09
- Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)