Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-1210Use of Externally-Controlled Format String in Wireshark

CWE-134Use of Externally-Controlled Format String9 documents7 sources
Severity
10.0CRITICALNVD
EPSS
34.5%
top 2.99%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
WiresharkDebian Wireshark
Timeline
PublishedApr 1
Latest updateMay 2

Description

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

debiandebian/wireshark< wireshark 1.0.7-1 (bookworm)
Debianwireshark/wireshark< 1.0.7-1+3
NVDwireshark/wireshark1.0.5+41

🔴Vulnerability Details

2
GHSA
GHSA-mgcw-89jj-vw5f: Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 12022-05-02
OSV
CVE-2009-1210: Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 12009-04-01

💥Exploits & PoCs

1
Exploit-DB
Wireshark 1.0.6 - PN-DCP Format String (PoC)2009-03-30

📋Vendor Advisories

3
Red Hat
Firefox: overlong UTF-8 seqence detection problem2009-08-21
Red Hat
wireshark: format string in PROFINET dissector2009-03-30
Debian
CVE-2009-1210: wireshark - Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark ...2009

💬Community

2
Bugzilla
CVE-2009-5017 Firefox: overlong UTF-8 seqence detection problem2010-11-23
Bugzilla
CVE-2009-1210 wireshark: format string in PROFINET dissector2009-04-03