CVE-2011-3360
wireshark - programming error
EPSS 65.0%
Description
Untrusted search path vulnerability in Wireshark 1.4.x before 1.4.9 and 1.6.x before 1.6.2 allows local users to gain privileges via a Trojan horse Lua script in an unspecified directory.
How to fix CVE-2011-3360
To remediate CVE-2011-3360, upgrade the affected package to a fixed version below.
- Debian/wireshark—upgrade to 1.6.2-1 or later
- Debian/wireshark—upgrade to 1.2.11-6+squeeze4 or later
Is CVE-2011-3360 being exploited?
Likely — EPSS is 65.0%, placing CVE-2011-3360 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.
Affected packages (2)
- from 0, < 1.6.2-1
- from 0, < 1.2.11-6+squeeze4