cbcvebase.
CVE-2008-4682
published 2008-10-22

CVE-2008-4682: wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file…

PriorityP425medium5CVSS 2.0
AVNACLAuNCNINAP
EXPLOIT
EPSS
9.29%
94.7th percentile
wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service (application abort) via a malformed Tamos CommView capture file (aka .ncf file) with an "unknown/unexpected packet type" that triggers a failed assertion.

Affected

12 ranges
VendorProductVersion rangeFixed in
debianwireshark< wireshark 1.0.4-1 (bookworm)wireshark 1.0.4-1 (bookworm)
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark
wiresharkwireshark>= 0 < 1.0.4-11.0.4-1
wiresharkwireshark>= 0 < 1.0.4-11.0.4-1
wiresharkwireshark>= 0 < 1.0.4-11.0.4-1
wiresharkwireshark>= 0 < 1.0.4-11.0.4-1

CVSS provenance

nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.