CVE-2009-4376

2009-12-2121:30:00

CWE-119

mitre

web.nvd.nist.gov

cve-2009-4376

buffer overflow

daintree sna

wireshark

denial of service

remote attack

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.5

Confidence

Low

EPSS

0.039

Percentile

92.0%

JSON

Buffer overflow in the daintree_sna_read function in the Daintree SNA file parser in Wireshark 1.2.0 through 1.2.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet.

Affected configurations

Nvd

Node

wiresharkwiresharkMatch1.2.0

wiresharkwiresharkMatch1.2.1

wiresharkwiresharkMatch1.2.2

wiresharkwiresharkMatch1.2.3

wiresharkwiresharkMatch1.2.4

VendorProductVersionCPE
wiresharkwireshark1.2.0cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
wiresharkwireshark1.2.1cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
wiresharkwireshark1.2.2cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
wiresharkwireshark1.2.3cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
wiresharkwireshark1.2.4cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wireshark	wireshark	1.2.0	cpe:2.3:a:wireshark:wireshark:1.2.0:::::::*
wireshark	wireshark	1.2.1	cpe:2.3:a:wireshark:wireshark:1.2.1:::::::*
wireshark	wireshark	1.2.2	cpe:2.3:a:wireshark:wireshark:1.2.2:::::::*
wireshark	wireshark	1.2.3	cpe:2.3:a:wireshark:wireshark:1.2.3:::::::*
wireshark	wireshark	1.2.4	cpe:2.3:a:wireshark:wireshark:1.2.4:::::::*