VDB

CVE-2019-1010220

CVE-2019-1010220 PUBLISHED

tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: "ND_PRINT((ndo, "%s", buf));", in function named "print_prefix", in "print-hncp.c". The attack vector is: The victim must open a specially crafted pcap file.

EPSS 0.29% · 52.5th percentile

Risk Scores

EPSS Score
0.29%
52.5th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTStcpdump4.9.2-2, 4.9.2-2build1, 4.9.2-2ubuntu1
Ubuntu:16.04:LTStcpdump0, *, 4.7.4-1ubuntu1
Ubuntu:Pro:14.04:LTStcpdump0, 4.4.0-1ubuntu1, 4.5.1-2ubuntu1

Exploit Intelligence

…and 1 more exploits

Timeline

  • Jul 22, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›