HIGH🇵🇱 Wersja polska

CVE-2009-1210

CVSS 10.0v2.0pub. 2009-04-01upd. 2026-04-23

Format string vulnerability in the PROFINET/DCP (PN-DCP) dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information.

CVSS Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
  • Wireshark

    APP
    Wireshark
    0.100.10.10.10.100.10.110.10.120.10.130.10.140.10.20.10.30.10.40.10.50.10.60.10.70.10.80.10.9+ 27 więcej
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2018-6836CRITICAL9.8ten sam produkt

The netmonrec_comment_destroy function in wiretap/netmon.c in Wireshark through 2.4.4 performs a free operatio...

CVE-2026-5656HIGH7.0ten sam produkt

Profile import path traversal in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and pos...

CVE-2026-5405HIGH7.8ten sam produkt

RDP protocol dissector crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and poss...

CVE-2026-5403HIGH7.8ten sam produkt

SBC codec crash in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service and possible code exe...

CVE-2026-5402HIGH8.8ten sam produkt

TLS protocol dissector heap overflow in Wireshark 4.6.0 to 4.6.4 allows denial of service and possible code ex...