CVE-2009-1210

EUVD-2009-1209
Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name.  NOTE: some of these details are obtained from third party information.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
wiresharkwireshark
𝑥
≤ 1.0.5
wiresharkwireshark
0.6
wiresharkwireshark
0.7.9
wiresharkwireshark
0.8.16
wiresharkwireshark
0.8.19
wiresharkwireshark
0.9.5
wiresharkwireshark
0.9.7
wiresharkwireshark
0.9.8
wiresharkwireshark
0.9.10
wiresharkwireshark
0.9.14
wiresharkwireshark
0.10
wiresharkwireshark
0.10.1
wiresharkwireshark
0.10.2
wiresharkwireshark
0.10.3
wiresharkwireshark
0.10.4
wiresharkwireshark
0.10.5
wiresharkwireshark
0.10.6
wiresharkwireshark
0.10.7
wiresharkwireshark
0.10.8
wiresharkwireshark
0.10.9
wiresharkwireshark
0.10.10
wiresharkwireshark
0.10.11
wiresharkwireshark
0.10.12
wiresharkwireshark
0.10.13
wiresharkwireshark
0.10.14
wiresharkwireshark
0.99
wiresharkwireshark
0.99.0
wiresharkwireshark
0.99.1
wiresharkwireshark
0.99.2
wiresharkwireshark
0.99.3
wiresharkwireshark
0.99.4
wiresharkwireshark
0.99.5
wiresharkwireshark
0.99.6
wiresharkwireshark
0.99.6a:a
wiresharkwireshark
0.99.7
wiresharkwireshark
0.99.8
wiresharkwireshark
1.0
wiresharkwireshark
1.0.0
wiresharkwireshark
1.0.1
wiresharkwireshark
1.0.2
wiresharkwireshark
1.0.3
wiresharkwireshark
1.0.4
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
etch
not-affected
sid
4.4.1-1
fixed
trixie
4.4.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wireshark
dapper
dne
gutsy
ignored
hardy
ignored
intrepid
ignored
jaunty
ignored
karmic
ignored
lucid
not-affected
maverick
not-affected
natty
not-affected
oneiric
not-affected
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://secunia.com/advisories/34542
http://secunia.com/advisories/34778
http://secunia.com/advisories/34970
http://secunia.com/advisories/35133
http://secunia.com/advisories/35224
http://secunia.com/advisories/35416
http://secunia.com/advisories/35464
http://wiki.rpath.com/Advisories:rPSA-2009-0062
http://www.debian.org/security/2009/dsa-1785
http://www.mandriva.com/security/advisories?name=MDVSA-2009:088
http://www.redhat.com/support/errata/RHSA-2009-1100.html
http://www.securityfocus.com/archive/1/502745/100/0/threaded
http://www.securityfocus.com/bid/34291
http://www.wireshark.org/security/wnpa-sec-2009-02.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/49512
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5976
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9526
https://www.exploit-db.com/exploits/8308
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html
http://secunia.com/advisories/34542
http://secunia.com/advisories/34778
http://secunia.com/advisories/34970
http://secunia.com/advisories/35133
http://secunia.com/advisories/35224
http://secunia.com/advisories/35416
http://secunia.com/advisories/35464
http://wiki.rpath.com/Advisories:rPSA-2009-0062
http://www.debian.org/security/2009/dsa-1785
http://www.mandriva.com/security/advisories?name=MDVSA-2009:088
http://www.redhat.com/support/errata/RHSA-2009-1100.html
http://www.securityfocus.com/archive/1/502745/100/0/threaded
http://www.securityfocus.com/bid/34291
http://www.wireshark.org/security/wnpa-sec-2009-02.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/49512
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5976
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9526
https://www.exploit-db.com/exploits/8308
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg00675.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01167.html
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01213.html