← back
CVE-2008-3933

CVE-2008-3933

EPSS 0.6%
Wireshark (formerly Ethereal) 0.10.14 through 1.0.2 allows attackers to cause a denial of service (crash) via a packet with crafted zlib-compressed data that triggers an invalid read in the tvb_uncompress function.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2649https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2682http://secunia.com/advisories/31864http://secunia.com/advisories/31886http://secunia.com/advisories/32028http://secunia.com/advisories/32091http://secunia.com/advisories/32944http://security.gentoo.org/glsa/glsa-200809-17.xmlhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9620http://support.avaya.com/elmodocs2/security/ASA-2008-392.htmhttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00713.htmlhttps://www.redhat.com/archives/fedora-package-announce/2008-September/msg00715.html