FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-1455

This CVE name corresponds to:

Entered Topic
2010-05-07 wireshark -- DOCSIS dissector denial of service

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

CVE-2010-1455 at cve.mitre.org

Details

Type Candidate
Name CVE-2010-1455
Phase Assigned(20100415)

Description

The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted remote attackers to cause a denial of service (application crash) via a malformed packet trace file.

References

Source Reference
MLIST [oss-security] 20100507 Re: CVE Assignment (wireshark)
CONFIRM http://www.wireshark.org/security/wnpa-sec-2010-03.html
CONFIRM http://www.wireshark.org/security/wnpa-sec-2010-04.html
CONFIRM https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4644
CONFIRM https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4646
MANDRIVA MDVSA-2010:099
SUSE SUSE-SR:2011:001
SUSE SUSE-SR:2011:002
BID 39950
OSVDB 64363
OVAL oval:org.mitre.oval:def:7331
SECUNIA 39661
SECUNIA 42877
SECUNIA 43068
VUPEN ADV-2010-1081
VUPEN ADV-2011-0076
VUPEN ADV-2011-0212
XF wireshark-docsis-dos(58362)

Copyright © 2005 The MITRE Corporation.

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.