{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-04-09T00:00:00", "descriptions": [{"lang": "en", "value": "wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-06-18T15:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.wireshark.org/security/wnpa-sec-2014-05.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-4174", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123", "refsource": "CONFIRM", "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808", "refsource": "MISC", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753", "refsource": "CONFIRM", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753"}, {"name": "http://www.wireshark.org/security/wnpa-sec-2014-05.html", "refsource": "CONFIRM", "url": "http://www.wireshark.org/security/wnpa-sec-2014-05.html"}, {"name": "http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123", "refsource": "CONFIRM", "url": "http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123"}, {"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390", "refsource": "MISC", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:04:29.012Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.wireshark.org/security/wnpa-sec-2014-05.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-4174", "datePublished": "2014-06-18T16:00:00", "dateReserved": "2014-06-17T00:00:00", "dateUpdated": "2024-08-06T11:04:29.012Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "481435A6-4790-4B3E-8EEA-0394A6AB481A", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*", "matchCriteriaId": "2B0BB28A-9E61-4073-9BE2-C34AB2BCF1EB", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*", "matchCriteriaId": "0753BF56-C829-48C3-AA6E-C0A2A1EA1124", "vulnerable": true}, {"criteria": "cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*", "matchCriteriaId": "EC206A02-8259-4FA0-8B6F-D8C58AB946C9", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet."}, {"lang": "es", "value": "wiretap/libpcap.c en el analizador de ficheros libpcap en Wireshark 1.10.x anterior a 1.10.4 permite a atacantes remotos ejecutar c\u00f3digo arbitrario o causar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria y ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un fichero de traza de paquetes manipulado que incluye un paquete grande."}], "id": "CVE-2014-4174", "lastModified": "2014-06-19T17:16:07.923", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2014-06-18T16:55:08.360", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://anonsvn.wireshark.org/viewvc/trunk-1.10/wiretap/libpcap.c?r1=53123&r2=53122&pathrev=53123"}, {"source": "cve@mitre.org", "url": "http://anonsvn.wireshark.org/viewvc?view=revision&revision=53123"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.wireshark.org/security/wnpa-sec-2014-05.html"}, {"source": "cve@mitre.org", "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8808"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9390"}, {"source": "cve@mitre.org", "tags": ["Exploit"], "url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=9753"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "libpcap: file parser crash (wnpa-sec-2014-05)", "id": "1086033", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086033"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "draft"}, "details": ["wiretap/libpcap.c in the libpcap file parser in Wireshark 1.10.x before 1.10.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted packet-trace file that includes a large packet."], "name": "CVE-2014-4174", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "libpcap", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "wireshark", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2014-04-09T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-4174\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-4174\nhttp://www.wireshark.org/security/wnpa-sec-2014-05.html"], "statement": "Red Hat Product Security has rated this issue as having Moderate security impact. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.", "threat_severity": "Moderate", "upstream_fix": "wireshark 1.10.4"}