CVE-2008-3146

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0700%

EPSS Percentile40.78th

Published2008年9月2日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

Affected Platforms (CPE)

📦

Wireshark

= 0.9.7

📦

Wireshark

= 0.9.8

📦

Wireshark

= 0.99

📦

Wireshark

= 0.99.0

📦

Wireshark

= 0.99.1

📦

Wireshark

= 0.99.2

📦

Wireshark

= 0.99.3

📦

Wireshark

= 0.99.4

📦

Wireshark

= 0.99.5

📦

Wireshark

= 0.99.6

📦

Wireshark

= 0.99.6a

📦

Wireshark

= 0.99.7

📦

Wireshark

= 0.99.8

📦

Wireshark

= 1.0

📦

Wireshark

= 1.0.0

📦

Wireshark

= 1.0.1

📦

Wireshark

= 1.0.2

References & Advisories

🔗 http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2675

🔗 http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html

🔗 http://secunia.com/advisories/31687

🔗 http://secunia.com/advisories/31864

🔗 http://secunia.com/advisories/31886

🔗 http://secunia.com/advisories/32028

🔗 http://secunia.com/advisories/32091

🔗 http://security.gentoo.org/glsa/glsa-200809-17.xml

Vulnerability Description

Affected Platforms (CPE)

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

Wireshark

References & Advisories

相關漏洞威脅