Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2009-3243 — Wireshark vulnerability

6 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

3.9%

top 11.78%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Wireshark Debian Wireshark

Timeline

PublishedSep 18

Latest updateMay 2

Description

Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, when running on Windows, allows remote attackers to cause a denial of service (application crash) via unknown vectors related to TLS 1.2 conversations.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶debiandebian/wireshark

▶NVDwireshark/wireshark1.2.0, 1.2.1+1

🔴Vulnerability Details

GHSA

GHSA-7ppr-2cvm-q8gq: Unspecified vulnerability in the TLS dissector in Wireshark 1↗2022-05-02

▶

💥Exploits & PoCs

Exploit-DB

Wireshark 1.2.1 - TLS Dissector 1.2 Conversation Handling Remote Denial of Service↗2009-09-15

▶

📋Vendor Advisories

Debian

CVE-2009-3243: wireshark - Unspecified vulnerability in the TLS dissector in Wireshark 1.2.0 and 1.2.1, whe...↗2009

▶

Red Hat

CVE-2009-3243: Unspecified vulnerability in the TLS dissector in Wireshark 1↗

▶

💬Community

Bugzilla

CVE-2009-2560 Wireshark: Past-the-buffer read in the MIOP dissector↗2009-07-21

▶