CVE-2007-6114
wireshark - several vulnerabilities
EPSS 3.8%
Description
Multiple buffer overflows in Wireshark (formerly Ethereal) 0.99.0 through 0.99.6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) the SSL dissector or (2) the iSeries (OS/400) Communication trace file parser.
How to fix CVE-2007-6114
To remediate CVE-2007-6114, upgrade the affected package to a fixed version below.
- Debian/ethereal—upgrade to 0.10.10-2sarge10 or later
- Debian/wireshark—upgrade to 0.99.7~pre1-1 or later
- Debian/wireshark—upgrade to 0.99.4-5.etch.1 or later
Is CVE-2007-6114 being exploited?
Low — EPSS is 3.8%, meaning exploitation activity has not been observed at scale.
Affected packages (3)
- from 0, < 0.10.10-2sarge10
- from 0, < 0.99.7~pre1-1
- from 0, < 0.99.4-5.etch.1