Release DateNov 26, 2011 |
Severitymedium |
ImpactSystem Compromise: Remote attackers can gain control of vulnerable systems. |
DescriptionThis indicates an attempt to exploit a Insecure Search Path vulnerability in Wireshark.The vulnerability is due to the vulnerable application's failure to sanitize user-supplied input. A remote attacker can exploit this by enticing a user to open a specially crafted pcap file. Successful exploitation may allow attackers to execute arbitrary lua scripts in the context of the running application. |
Affected ProductsWireshark Foundation Wireshark 1.4.8 and priorWireshark Foundation Wireshark 1.6.1 and prior |
Recommended ActionsApply patches or fixes, available from the website:http://www.Wireshark.org/security/wnpa-sec-2011-15.html |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2011-3360 |
