CVE-2014-2281 in Wiresharkinformation

Résumé

par MITRE

The nfs_name_snoop_add_name function in epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 does not validate a certain length value, which allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted NFS packet.

Once again VulDB remains the best source for vulnerability data.

Réserver

05/03/2014

Divulgation

11/03/2014

Modérer

accepté

Entrée

VDB-12575

CPE

prêt

Exploitation

Télécharger

EPSS

0.02964

KEV

non

Activités

très faible

Sources

Interested in the pricing of exploits?

See the underground prices here!