CVE-2008-3139: Infoleak
Published Jul 10, 2008
·Updated
The RTMPT dissector in Wireshark (formerly Ethereal) 0.99.8 through 1.0.0 allows remote attackers to cause a denial of service (crash) via unknown vectors. NOTE: this might be due to a use-after-free error.
Affected Software
11 affected components
Wireshark Wireshark=0.99.8
Wireshark Wireshark=0.99.3
Wireshark Wireshark=0.9.5
Wireshark Wireshark=1.0
Wireshark Wireshark=0.99.6
Wireshark Wireshark=0.99.2
rPath rPath Linux=1
Wireshark Wireshark=0.99.5
Wireshark Wireshark=0.99.4
Wireshark Wireshark=1.0.0
Wireshark Wireshark=0.99.7
Event History
Jul 10, 2008
CVE Published
via MITRE·11:00 PM
Data Sourced
via MITRE·11:00 PM
Description
Frequently Asked Questions
1
What is the severity of CVE-2008-3139?
CVE-2008-3139 is classified as a denial of service vulnerability that can lead to crashes in affected versions of Wireshark.
2
How do I fix CVE-2008-3139?
To mitigate CVE-2008-3139, users should update to the latest version of Wireshark that addresses this vulnerability.
3
Which versions of Wireshark are affected by CVE-2008-3139?
CVE-2008-3139 affects Wireshark versions from 0.99.8 to 1.0.0 inclusive.
4
Can CVE-2008-3139 be exploited remotely?
Yes, CVE-2008-3139 can be exploited remotely by attackers to cause a denial of service.
5
What kind of error may cause CVE-2008-3139?
CVE-2008-3139 might be caused by a use-after-free error in the RTMPT dissector.