CVE-2010-2287

critical

Description

Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 through 1.0.13 and 1.2.0 through 1.2.8 has unknown impact and remote attack vectors.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11836

http://www.wireshark.org/security/wnpa-sec-2010-06.html

http://www.wireshark.org/security/wnpa-sec-2010-05.html

http://www.vupen.com/english/advisories/2011/0212

http://www.vupen.com/english/advisories/2011/0076

http://www.vupen.com/english/advisories/2010/1418

http://www.securityfocus.com/bid/40728

http://www.openwall.com/lists/oss-security/2010/06/11/1

http://www.mandriva.com/security/advisories?name=MDVSA-2010:144

http://www.mandriva.com/security/advisories?name=MDVSA-2010:113

http://secunia.com/advisories/43068

http://secunia.com/advisories/42877

http://secunia.com/advisories/40112

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html

Details

Source: Mitre, NVD

Published: 2010-06-15

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 8.3

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.04031

Detections

Analytics