CVE-2007-6115
wireshark ANSI MAP flaws
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in the ANSI MAP dissector for Wireshark (formerly Ethereal) 0.99.5 to 0.99.6, when running on unspecified platforms, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown vectors.
Desbordamiento de buffer en el ANSI MAP dissector para Wireshark (formalmente Ethereal), desde la versión 0.99.5 a la 0.99.6. Cuando se ejecuta en plataformas no especificadas, permite que atacantes remotos causen una denegación de servicio y, posiblemente, que ejecuten código de su elección, utilizando vectores desconocidos.
Multiple buffer overflows and infinite loops were discovered in multiple dissector and parser components, including those for MP3 and NCP (CVE-2007-6111), PPP (CVE-2007-6112), DNP (CVE-2007-6113), SSL and iSeries (OS/400) Communication traces (CVE-2007-6114), ANSI MAP (CVE-2007-6115), Firebird/Interbase (CVE-2007-6116), HTTP (CVE-2007-6117), MEGACO (CVE-2007-6118), DCP ETSI (CVE-2007-6119), Bluetooth SDP (CVE-2007-6120), RPC Portmap (CVE-2007-6121), SMB (CVE-2007-6438), IPv6 amd USB (CVE-2007-6439), WiMAX (CVE-2007-6441), RPL (CVE-2007-6450), CIP (CVE-2007-6451). The vulnerabilities were discovered by Stefan Esser, Beyond Security, Fabiodds, Peter Leeming, Steve and ainsley. Versions less than 0.99.7 are affected.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-11-23 CVE Reserved
- 2007-11-23 CVE Published
- 2024-08-07 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (29)
| URL | Tag | Source |
|---|---|---|
| http://bugs.gentoo.org/show_bug.cgi?id=199958 | X_refsource_misc | |
| http://secunia.com/advisories/29048 | Third Party Advisory | |
| http://securitytracker.com/id?1018988 | Vdb Entry | |
| http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0004 | X_refsource_confirm | |
| http://www.securityfocus.com/archive/1/485792/100/0/threaded | Mailing List | |
| http://www.vupen.com/english/advisories/2007/3956 | Vdb Entry | |
| https://issues.rpath.com/browse/RPL-1975 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14578 | Signature | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9726 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/26532 | 2018-10-15 | |
| http://www.wireshark.org/security/wnpa-sec-2007-03.html | 2018-10-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 0.99.5 Search vendor "Wireshark" for product "Wireshark" and version "0.99.5" | - |
Affected
| ||||||
| Wireshark Search vendor "Wireshark" | Wireshark Search vendor "Wireshark" for product "Wireshark" | 0.99.6 Search vendor "Wireshark" for product "Wireshark" and version "0.99.6" | - |
Affected
| ||||||