CVE-2010-2287

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2010-2287
Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

8.3 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:A/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 6.5 / Impact : 10.0

Access Vector ADJACENT_NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/40112 Vendor Advisory
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
http://www.mandriva.com/security/advisories?name=MDVSA-2010:144
http://www.openwall.com/lists/oss-security/2010/06/11/1
http://www.securityfocus.com/bid/40728
http://www.vupen.com/english/advisories/2010/1418 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212
http://www.wireshark.org/security/wnpa-sec-2010-05.html Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2010-06.html Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html
http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
http://secunia.com/advisories/40112 Vendor Advisory
http://secunia.com/advisories/42877
http://secunia.com/advisories/43068
http://www.mandriva.com/security/advisories?name=MDVSA-2010:113
http://www.mandriva.com/security/advisories?name=MDVSA-2010:144
http://www.openwall.com/lists/oss-security/2010/06/11/1
http://www.securityfocus.com/bid/40728
http://www.vupen.com/english/advisories/2010/1418 Patch Vendor Advisory
http://www.vupen.com/english/advisories/2011/0076
http://www.vupen.com/english/advisories/2011/0212
http://www.wireshark.org/security/wnpa-sec-2010-05.html Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2010-06.html Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:wireshark:wireshark:0.10.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.9:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.10:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.11:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.12:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.13:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.10.14:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.9:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.10:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.11:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.12:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.0.13:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
History

No history.

Information

Published : 2010-06-15 14:04

Updated : 2025-04-11 00:51

NVD link : CVE-2010-2287

Mitre link : CVE-2010-2287

CVE.ORG link : CVE-2010-2287

JSON object : View

Products Affected

wireshark

  • wireshark
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer