CVE-2009-4377 : Detail

CVE-2009-4377

0.72%V3
Network
2009-12-21
20h00 +00:00
2017-09-18
10h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

The (1) SMB and (2) SMB2 dissectors in Wireshark 0.9.0 through 1.2.4 allow remote attackers to cause a denial of service (crash) via a crafted packet that triggers a NULL pointer dereference, as demonstrated by fuzz-2009-12-07-11141.pcap.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE Other No informations.

Metrics

Metrics Score Severity CVSS Vector Source
V2 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Wireshark>>Wireshark >> Version 0.9.2

    Wireshark>>Wireshark >> Version 0.9.5

      Wireshark>>Wireshark >> Version 0.9.6

        Wireshark>>Wireshark >> Version 0.9.7

          Wireshark>>Wireshark >> Version 0.9.8

            Wireshark>>Wireshark >> Version 0.9.10

              Wireshark>>Wireshark >> Version 0.9.14

                Wireshark>>Wireshark >> Version 0.99

                  Wireshark>>Wireshark >> Version 0.99.0

                    Wireshark>>Wireshark >> Version 0.99.1

                      Wireshark>>Wireshark >> Version 0.99.2

                      Wireshark>>Wireshark >> Version 0.99.3

                      Wireshark>>Wireshark >> Version 0.99.4

                      Wireshark>>Wireshark >> Version 0.99.5

                      Wireshark>>Wireshark >> Version 0.99.6

                      Wireshark>>Wireshark >> Version 0.99.6a

                        Wireshark>>Wireshark >> Version 0.99.7

                        Wireshark>>Wireshark >> Version 0.99.8

                        Wireshark>>Wireshark >> Version 0.99.9

                          Wireshark>>Wireshark >> Version 1.0

                            Wireshark>>Wireshark >> Version 1.0.0

                            Wireshark>>Wireshark >> Version 1.0.1

                            Wireshark>>Wireshark >> Version 1.0.2

                            Wireshark>>Wireshark >> Version 1.0.3

                            Wireshark>>Wireshark >> Version 1.0.4

                            Wireshark>>Wireshark >> Version 1.0.5

                            Wireshark>>Wireshark >> Version 1.0.6

                            Wireshark>>Wireshark >> Version 1.0.7

                            Wireshark>>Wireshark >> Version 1.0.8

                            Wireshark>>Wireshark >> Version 1.0.9

                            Wireshark>>Wireshark >> Version 1.2

                              Wireshark>>Wireshark >> Version 1.2.0

                              Wireshark>>Wireshark >> Version 1.2.1

                              Wireshark>>Wireshark >> Version 1.2.2

                              Wireshark>>Wireshark >> Version 1.2.3

                              Wireshark>>Wireshark >> Version 1.2.4

                              References

                              http://osvdb.org/61178
                              Tags : vdb-entry, x_refsource_OSVDB
                              http://www.debian.org/security/2009/dsa-1983
                              Tags : vendor-advisory, x_refsource_DEBIAN
                              http://secunia.com/advisories/37916
                              Tags : third-party-advisory, x_refsource_SECUNIA
                              http://secunia.com/advisories/37842
                              Tags : third-party-advisory, x_refsource_SECUNIA
                              http://www.vupen.com/english/advisories/2009/3596
                              Tags : vdb-entry, x_refsource_VUPEN
                              http://www.securityfocus.com/bid/37407
                              Tags : vdb-entry, x_refsource_BID
                              http://www.securitytracker.com/id?1023374
                              Tags : vdb-entry, x_refsource_SECTRACK
                              http://www.mandriva.com/security/advisories?name=MDVSA-2010:031
                              Tags : vendor-advisory, x_refsource_MANDRIVA