CVE-2007-6451 — Wireshark vulnerability

CWE-3997 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

3.0%

top 13.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedDec 19

Latest updateMay 1

Description

Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0.9.14 to 0.99.6 allows remote attackers to cause a denial of service (crash) via unknown vectors that trigger allocation of large amounts of memory.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 0.99.7-1 (bookworm)

▶Debianwireshark/wireshark< 0.99.7-1+3

▶NVDwireshark/wireshark10 versions+9

🔴Vulnerability Details

GHSA

GHSA-963c-26c4-cw72: Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0↗2022-05-01

▶

OSV

CVE-2007-6451: Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) 0↗2007-12-19

▶

💥Exploits & PoCs

Exploit-DB

jPORTAL 2 - 'humor.php' SQL Injection↗2008-09-20

▶

📋Vendor Advisories

Red Hat

wireshark CIP dissector crash↗2007-12-18

▶

Debian

CVE-2007-6451: wireshark - Unspecified vulnerability in the CIP dissector in Wireshark (formerly Ethereal) ...↗2007

▶

💬Community

Bugzilla

CVE-2007-6451 wireshark CIP dissector crash↗2008-01-02

▶