Denial of Service Vulnerability in Wireshark by Open Source Vendor
CVE-2007-6118

Currently unrated

Key Information:

Vendor: Wireshark
Status: Wireshark; Ethereal
Vendor: CVE Published:; 23 November 2007

What is CVE-2007-6118?

The MEGACO dissector in Wireshark versions 0.9.14 to 0.99.6 facilitates conditions under which remote attackers can exploit the application. They can induce a Denial of Service by leveraging unpatched vectors that lead to excessive resource consumption and prolonged loops, disrupting the normal operations of affected Wireshark installations.

References

http://secunia.com/advisories/27777

third-party-advisoryx_refsource_SECUNIA

https://issues.rpath.com/browse/RPL-1975

x_refsource_CONFIRM

http://secunia.com/advisories/29048

third-party-advisoryx_refsource_SECUNIA

EPSS Score

5% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 23, 2007
Vulnerability Reserved
Nov 23, 2007