CVE-2009-0601
EPSS 0.04%
Description
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable.
How to fix CVE-2009-0601
To remediate CVE-2009-0601, upgrade the affected package to a fixed version below.
- Debian/wireshark—upgrade to 1.0.6-1 or later
Is CVE-2009-0601 being exploited?
Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.0.6-1