Test ID:	1.3.6.1.4.1.25623.1.0.902198
Category:	Denial of Service
Title:	Wireshark SigComp Universal Decompressor Virtual Machine dissector DOS Vulnerability - Windows
Summary:	Wireshark is prone to a denial of service (DoS) vulnerability.
Description:	Summary: Wireshark is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: The flaw is caused by an off-by-one error within the SigComp Universal Decompressor Virtual Machine, which could be exploited by attackers to crash an affected application or execute arbitrary code via unknown vectors. Vulnerability Impact: Successful exploitation will allow the attackers to crash an affected application. Affected Software/OS: Wireshark version 0.10.7 through 1.0.13 and 1.2.0 through 1.2.8 Solution: Upgrade to Wireshark version 1.0.14 or 1.2.9: CVSS Score: 3.3 CVSS Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-2286 BugTraq ID: 40728 http://www.securityfocus.com/bid/40728 http://www.mandriva.com/security/advisories?name=MDVSA-2010:113 http://www.openwall.com/lists/oss-security/2010/06/11/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11792 http://secunia.com/advisories/40112 http://secunia.com/advisories/42877 http://secunia.com/advisories/43068 SuSE Security Announcement: SUSE-SR:2011:001 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html SuSE Security Announcement: SUSE-SR:2011:002 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html http://www.vupen.com/english/advisories/2010/1418 http://www.vupen.com/english/advisories/2011/0076 http://www.vupen.com/english/advisories/2011/0212
Copyright	Copyright (C) 2010 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.