CVE-2012-6052Sensitive Information Exposure in Wireshark

CWE-200Sensitive Information Exposure5 documents5 sources
Severity
5.0MEDIUMNVD
EPSS
0.2%
top 54.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
WiresharkDebian Wireshark
Timeline
PublishedDec 5
Latest updateMay 17

Description

Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostname information by reading pcap-ng files.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

debiandebian/wireshark< wireshark 1.8.6-1 (bookworm)
Debianwireshark/wireshark< 1.8.6-1+3
NVDwireshark/wireshark4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-9q3g-98q9-cpqq: Wireshark 12022-05-17
OSV
CVE-2012-6052: Wireshark 12012-12-05

📋Vendor Advisories

2
Red Hat
wireshark: pcap-ng hostname disclosure (wnpa-sec-2012-30)2012-11-28
Debian
CVE-2012-6052: wireshark - Wireshark 1.8.x before 1.8.4 allows remote attackers to obtain sensitive hostnam...2012