Unrated severityNVD Advisory· Published Nov 26, 2010· Updated Jun 16, 2026
CVE-2010-3445
CVE-2010-3445
Description
Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a long string in an unknown ASN.1/BER encoded packet, as demonstrated using SNMP.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*+ 13 more
- cpe:2.3:a:wireshark:wireshark:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.11:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.2.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
- (no CPE)range: <1.4.1 (1.4.x) and <1.2.12 (1.2.x)
Patches
Vulnerability mechanics
References
33- xorl.wordpress.com/2010/10/15/cve-2010-3445-wireshark-asn-1-ber-stack-overflow/nvdExploit
- www.kb.cert.org/vuls/id/215900nvdUS Government Resource
- archives.neohapsis.com/archives/bugtraq/2010-09/0088.htmlnvd
- blogs.sun.com/security/entry/resource_management_errors_vulnerability_innvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/055364.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/055650.htmlnvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/055664.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.htmlnvd
- lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.htmlnvd
- secunia.com/advisories/42392nvd
- secunia.com/advisories/42411nvd
- secunia.com/advisories/42877nvd
- secunia.com/advisories/43068nvd
- secunia.com/advisories/43759nvd
- secunia.com/advisories/43821nvd
- www.debian.org/security/2010/dsa-2127nvd
- www.mandriva.com/security/advisoriesnvd
- www.openwall.com/lists/oss-security/2010/10/01/10nvd
- www.openwall.com/lists/oss-security/2010/10/12/1nvd
- www.redhat.com/support/errata/RHSA-2010-0924.htmlnvd
- www.redhat.com/support/errata/RHSA-2011-0370.htmlnvd
- www.securityfocus.com/bid/43197nvd
- www.vupen.com/english/advisories/2010/3067nvd
- www.vupen.com/english/advisories/2010/3093nvd
- www.vupen.com/english/advisories/2011/0076nvd
- www.vupen.com/english/advisories/2011/0212nvd
- www.vupen.com/english/advisories/2011/0404nvd
- www.vupen.com/english/advisories/2011/0626nvd
- www.vupen.com/english/advisories/2011/0719nvd
- www.wireshark.org/security/wnpa-sec-2010-12.htmlnvd
- bugs.wireshark.org/bugzilla/show_bug.cginvd
- bugzilla.redhat.com/show_bug.cginvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14607nvd
News mentions
0No linked articles in our index yet.