CVE-2011-1591 — Vulnetix

Try Vulnetix Request Demo

CVE-2011-1591 PUBLISHED CVSS 9.300000190734863 CRITICAL

Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.

EPSS 77.21% · 99.0th percentile

Risk Scores

CVSS v4.0

9.300000190734863

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS Score

77.21%

99.0th percentile

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
wireshark	wireshark	1.4.0, 1.4.1, 1.4.2

Timeline

CVE Published
Apr 18, 2011 PoC Published
Apr 19, 2011 PoC Published
May 29, 2018 PoC Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
May 19, 2022 EPSS Score
Jun 19, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score

References

17185 exploit
wireshark-dect-bo(66834) vdb
MDVSA-2011:083 vendor-advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836 url
FEDORA-2011-5621 vendor-advisory
FEDORA-2011-5529 vendor-advisory
17195 exploit
[oss-security] 20110418 Re: Wireshark 1.2.16 / 1.4.5 mailing-list
oval:org.mitre.oval:def:15000 vdb
FEDORA-2011-5569 vendor-advisory
44374 third-party-advisory
71848 vdb
http://www.wireshark.org/security/wnpa-sec-2011-06.html url
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838 url
44172 third-party-advisory
1025389 vdb
ADV-2011-1022 vdb
VU#243670 third-party-advisory
[oss-security] 20110418 Wireshark 1.2.16 / 1.4.5 mailing-list
ADV-2011-1106 vdb

…and 1 more

Open in Interactive Console →