CVE-2010-2995 — Off-by-one Error in Wireshark

7 documents6 sources

Severity

10.0CRITICALNVD

OSV8.3

EPSS

5.1%

top 10.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedAug 13

Latest updateMay 17

Description

The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2.0 through 1.2.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to sigcomp-udvm.c and an off-by-one error, which triggers a buffer overflow, different vulnerabilities than CVE-2010-2287.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 1.2.10-1 (bookworm)

▶Debianwireshark/wireshark< 1.2.10-1+3

▶NVDwireshark/wireshark33 versions+32

🔴Vulnerability Details

GHSA

GHSA-cxh7-25p5-8q7m: The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0↗2022-05-17

▶

OSV

CVE-2010-2995: The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0↗2010-08-13

▶

📋Vendor Advisories

Red Hat

wireshark: SigComp UDVM dissector buffer overruns↗2010-06-09

▶

Debian

CVE-2010-2995: wireshark - The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 th...↗2010

▶

💬Community

Bugzilla

CVE-2010-2992 CVE-2010-2993 wireshark: 1.2.10 corrects multiple vulnerabilities↗2010-08-12

▶

Bugzilla

CVE-2010-2995 wireshark: SigComp UDVM dissector buffer overruns↗2010-06-15

▶