CVE-2014-5164 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:N/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 47%

Vendor	Product	Version
wireshark	wireshark	1.10.0
wireshark	wireshark	1.10.1
wireshark	wireshark	1.10.2
wireshark	wireshark	1.10.3
wireshark	wireshark	1.10.4
wireshark	wireshark	1.10.5
wireshark	wireshark	1.10.6
wireshark	wireshark	1.10.7
wireshark	wireshark	1.10.8

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

wireshark

bullseye	3.4.10-0+deb11u1 fixed
squeeze	not-affected
bullseye (security)	3.4.16-0+deb11u1 fixed
bookworm	4.0.11-1~deb12u1 fixed
bookworm (security)	4.0.11-1~deb12u1 fixed
trixie	4.4.0-1 fixed
sid	4.4.1-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

wireshark

bionic	not-affected
artful	not-affected
zesty	not-affected
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	not-affected
precise	not-affected
lucid	ignored

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html

http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html

http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html

http://secunia.com/advisories/57593

http://www.debian.org/security/2014/dsa-3002

http://www.wireshark.org/security/wnpa-sec-2014-10.html

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9795

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=ba6eb5c72ffe82ca0e51c7083240975a5b118ad2

http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html

http://lists.opensuse.org/opensuse-updates/2014-08/msg00025.html

http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html

http://secunia.com/advisories/57593

http://www.debian.org/security/2014/dsa-3002

http://www.wireshark.org/security/wnpa-sec-2014-10.html

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9795

https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=ba6eb5c72ffe82ca0e51c7083240975a5b118ad2