Executive Summary

Informations
NameCVE-2011-0713First vendor Publication2011-03-02
VendorCveLast vendor Modification2012-08-13

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score6.8Attack RangeNetwork
Cvss Impact Score6.4Attack ComplexityMedium
Cvss Expoit Score8.6AuthentificationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0713

CWE : Common Weakness Enumeration

idName
CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:14766
 
Oval ID: oval:org.mitre.oval:def:14766
Title: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3
Description: Heap-based buffer overflow in wiretap/dct3trace.c in Wireshark 1.2.0 through 1.2.14 and 1.4.0 through 1.4.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long record in a Nokia DCT3 trace file.
Family: windows Class: vulnerability
Reference(s): CVE-2011-0713
 Version: 4
Platform(s): Microsoft Windows 2000
Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
 Product(s): Wireshark
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application19

Open Source Vulnerability Database (OSVDB)

idDescription
71554Wireshark Nokia DCT3 Trace File Handling Overflow

Internal Sources (Detail)

SourceUrl
BIDhttp://www.securityfocus.com/bid/46416
CERT-VNhttp://www.kb.cert.org/vuls/id/215900
CONFIRMhttp://anonsvn.wireshark.org/viewvc?view=rev&revision=35953
http://www.wireshark.org/docs/relnotes/wireshark-1.2.15.html
http://www.wireshark.org/docs/relnotes/wireshark-1.4.4.html
http://www.wireshark.org/security/wnpa-sec-2011-03.html
http://www.wireshark.org/security/wnpa-sec-2011-04.html
https://bugzilla.redhat.com/show_bug.cgi?id=678198
DEBIANhttp://www.debian.org/security/2011/dsa-2201
FEDORAhttp://lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.html
MANDRIVAhttp://www.mandriva.com/security/advisories?name=MDVSA-2011:044
MLISThttp://openwall.com/lists/oss-security/2011/02/16/13
REDHAThttp://www.redhat.com/support/errata/RHSA-2011-0369.html
SECTRACKhttp://www.securitytracker.com/id?1025148
SECUNIAhttp://secunia.com/advisories/43759
http://secunia.com/advisories/43795
VUPENhttp://www.vupen.com/english/advisories/2011/0622
http://www.vupen.com/english/advisories/2011/0626
http://www.vupen.com/english/advisories/2011/0719
http://www.vupen.com/english/advisories/2011/0747
XFhttp://xforce.iss.net/xforce/xfdb/65460
http://xforce.iss.net/xforce/xfdb/65780

Alert History

If you want to see full details history, please login or register.
0
DateInformations
2013-05-10 22:54:38
  • Multiple Updates