CVE-2010-2993Improper Input Validation in Wireshark

CWE-20Improper Input Validation5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.9%
top 23.94%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
WiresharkDebian Wireshark
Timeline
PublishedAug 13
Latest updateMay 17

Description

The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/wireshark< wireshark 1.2.10-1 (bookworm)
Debianwireshark/wireshark< 1.2.10-1+3
NVDwireshark/wireshark11 versions+10

🔴Vulnerability Details

2
GHSA
GHSA-pqqg-vjc6-jjj6: The IPMI dissector in Wireshark 12022-05-17
OSV
CVE-2010-2993: The IPMI dissector in Wireshark 12010-08-13

📋Vendor Advisories

1
Debian
CVE-2010-2993: wireshark - The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to c...2010

💬Community

1
Bugzilla
CVE-2010-2992 CVE-2010-2993 wireshark: 1.2.10 corrects multiple vulnerabilities2010-08-12