Main Vulnerability Database Exploits ID:3706 - Exploit for Input validation error in Wireshark - CVE-2011-3360

ID:3706 - Exploit for Input validation error in Wireshark - CVE-2011-3360

Published: August 4, 2020

Vulnerability identifier: #VU33962

Vulnerability risk: High

CVE-ID: CVE-2011-3360

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Wireshark

Link to public exploit:

https://www.exploit-db.com/exploits/18125/

Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory. Per: http://cwe.mitre.org/data/definitions/426.html 'CWE-426: Untrusted Search Path'

Remediation

Install update from vendor's website.

ID:3706 - Exploit for Input validation error in Wireshark - CVE-2011-3360

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human