Denial of Service Vulnerability in Wireshark by The Wireshark Project
CVE-2010-1455

Currently unrated

Key Information:

Vendor: Wireshark
Status: Wireshark; Ethereal
Vendor: CVE Published:; 12 May 2010

What is CVE-2010-1455?

A vulnerability exists in the DOCSIS dissector of Wireshark versions 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7, which can be exploited by remote attackers through specially crafted packet trace files. When a user loads a malformed packet trace, it can lead to an application crash, resulting in a denial of service. Users should ensure they are running the latest version of Wireshark to mitigate this risk.

References

http://lists.opensuse.org/opensuse-security-announce/2011...

vendor-advisoryx_refsource_SUSE

http://secunia.com/advisories/43068

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/39950

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2010
Vulnerability Reserved
Apr 15, 2010