CVE-2010-4538
wireshark - buffer overflow
EPSS 44.5%
Description
Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1.4.2 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted ENTTEC DMX packet with Run Length Encoding (RLE) compression.
How to fix CVE-2010-4538
To remediate CVE-2010-4538, upgrade the affected package to a fixed version below.
- Debian/wireshark—upgrade to 1.2.11-6 or later
- Debian/wireshark—upgrade to 1.0.2-3+lenny12 or later
Is CVE-2010-4538 being exploited?
Moderate — EPSS is 44.5%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (2)
- from 0, < 1.2.11-6
- from 0, < 1.0.2-3+lenny12