CVE-2008-3139

Executive Summary

Informations
Name	CVE-2008-3139	First vendor Publication	2008-07-10
Vendor	Cve	Last vendor Modification	2012-09-12

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score	5	Attack Range	Network
Cvss Impact Score	2.9	Attack Complexity	Low
Cvss Expoit Score	10	Authentification	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3139

CWE : Common Weakness Enumeration

id	Name
CWE-200	Information Exposure

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14682

Oval ID:	oval:org.mitre.oval:def:14682
Title:	RTMPT dissector vulnerability in Wireshark 0.99.8 through 1.0.0
Description:	The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-3139	Version:	7
Platform(s):	Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Vista Microsoft Windows XP	Product(s):	Wireshark
Definition Synopsis:
Wireshark is installed on the system. AND Version of Wireshark is 0.99.8 through 1.0.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Rpath Rpath Linux cpe:/a:rpath:rpath_linux:1	1
Application	Wireshark Wireshark cpe:/a:wireshark:wireshark:1.0.0 cpe:/a:wireshark:wireshark:1.0 cpe:/a:wireshark:wireshark:0.99.8 cpe:/a:wireshark:wireshark:0.99.7 cpe:/a:wireshark:wireshark:0.99.6 cpe:/a:wireshark:wireshark:0.99.5 cpe:/a:wireshark:wireshark:0.99.4 cpe:/a:wireshark:wireshark:0.99.3 cpe:/a:wireshark:wireshark:0.99.2 cpe:/a:wireshark:wireshark:0.9.5	10

Open Source Vulnerability Database (OSVDB)

id	Description
46649	Wireshark RTMPT Dissector Unspecified DoS

Internal Sources (Detail)

Source	Url
BID	http://www.securityfocus.com/bid/30020
BUGTRAQ	http://www.securityfocus.com/archive/1/archive/1/493882/100/0/threaded
CONFIRM	http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0212 http://www.wireshark.org/security/wnpa-sec-2008-03.html
FEDORA	https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00544.html
GENTOO	http://security.gentoo.org/glsa/glsa-200808-04.xml
SECTRACK	http://securitytracker.com/id?1020404
SECUNIA	http://secunia.com/advisories/30886 http://secunia.com/advisories/30942 http://secunia.com/advisories/31085 http://secunia.com/advisories/31378 http://secunia.com/advisories/31687
SUSE	http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html
VUPEN	http://www.vupen.com/english/advisories/2008/1982/references
XF	http://xforce.iss.net/xforce/xfdb/43517

Alert History

If you want to see full details history, please login or register.

Date	Informations
2013-05-11 00:21:19	Multiple Updates

Type	Count
Oval ID(s)	1
CPE ID(s)	11
osvdb(s)	1

Related	Severity
GLSA-200808-04	(Medium)

Same Subject	Severity
Login to view 5 more Alert(s)

CVE-2008-3139

Executive Summary

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

Open Source Vulnerability Database (OSVDB)

Internal Sources (Detail)

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU