New! Vulnerability Priority Rating (VPR)
Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.
VPR Score: 7.4
Synopsis
The remote Windows host contains an application that is affected by multiple vulnerabilities.
Description
The installed version of Wireshark is 1.2.x less than 1.2.14 or 1.4.x less than 1.4.3. Such versions are affected by the following vulnerabilities :
- An error exists in the MAC-LTE dissector that allows a series of malformed packets to cause a buffer overflow.
(5530)
- An error exists in the ENTTEC dissector that allows a series of malformed packets to cause a buffer overflow.
(5539)
- An error exists in the ASN.1 BER dissector that allows a series of malformed packets to make Wireshark exit prematurely. (5537)
Solution
Upgrade to Wireshark version 1.2.14 / 1.4.3 or later.