VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 2, 2008· Updated Apr 23, 2026

CVE-2008-3146

CVE-2008-3146

Description

Multiple buffer overflows in packet_ncp2222.inc in Wireshark (formerly Ethereal) 0.9.7 through 1.0.2 allow attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted NCP packet that causes an invalid pointer to be used.

Affected products

17
  • Wireshark/Wireshark17 versions
    cpe:2.3:a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:*+ 16 more
    • cpe:2.3:a:wireshark:wireshark:0.9.7:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.9.8:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.2:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.3:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.4:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.5:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.6:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.6a:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.7:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:0.99.8:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:wireshark:wireshark:1.0.2:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

19

News mentions

0

No linked articles in our index yet.