{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Les versions de Wireshark et tshark ant\u00e9rieures \u00e0 0.99.7.","product":{"name":"Wireshark","vendor":{"name":"Wireshark","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans l'outil d'analyse\nprotocolaire Wireshark (prolongement de l'ancien projet Ethereal). Elles\nconcernent notamment un ensemble de modules utilis\u00e9s pour interpr\u00e9ter\ndes protocoles ou des formats comme : DNP, SSL, HTTP, PPP, Bluetooth\nSDP, IPv6, SMB, etc.\n\nCes vuln\u00e9rabilit\u00e9s peuvent \u00eatre exploit\u00e9es par une personne\nmalveillante, au moyen de trames sp\u00e9cialement construites et envoy\u00e9es \u00e0\ndistance, afin de perturber le service, ou dans certaines conditions,\nd'ex\u00e9cuter du code arbitraire sur le syst\u00e8me o\u00f9 le service est install\u00e9.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 wnpa-sec-2007-03 du projet Wireshark\npour l'obtention des correctifs (cf. section Documentation).\n","cves":[{"name":"CVE-2007-6446","url":"https://www.cve.org/CVERecord?id=CVE-2007-6446"},{"name":"CVE-2007-6450","url":"https://www.cve.org/CVERecord?id=CVE-2007-6450"},{"name":"CVE-2007-6442","url":"https://www.cve.org/CVERecord?id=CVE-2007-6442"},{"name":"CVE-2007-6121","url":"https://www.cve.org/CVERecord?id=CVE-2007-6121"},{"name":"CVE-2007-6119","url":"https://www.cve.org/CVERecord?id=CVE-2007-6119"},{"name":"CVE-2007-6113","url":"https://www.cve.org/CVERecord?id=CVE-2007-6113"},{"name":"CVE-2007-6112","url":"https://www.cve.org/CVERecord?id=CVE-2007-6112"},{"name":"CVE-2007-6447","url":"https://www.cve.org/CVERecord?id=CVE-2007-6447"},{"name":"CVE-2007-6451","url":"https://www.cve.org/CVERecord?id=CVE-2007-6451"},{"name":"CVE-2007-6438","url":"https://www.cve.org/CVERecord?id=CVE-2007-6438"},{"name":"CVE-2007-6439","url":"https://www.cve.org/CVERecord?id=CVE-2007-6439"},{"name":"CVE-2007-6443","url":"https://www.cve.org/CVERecord?id=CVE-2007-6443"},{"name":"CVE-2007-6115","url":"https://www.cve.org/CVERecord?id=CVE-2007-6115"},{"name":"CVE-2007-6441","url":"https://www.cve.org/CVERecord?id=CVE-2007-6441"},{"name":"CVE-2007-6111","url":"https://www.cve.org/CVERecord?id=CVE-2007-6111"},{"name":"CVE-2007-6116","url":"https://www.cve.org/CVERecord?id=CVE-2007-6116"},{"name":"CVE-2007-6445","url":"https://www.cve.org/CVERecord?id=CVE-2007-6445"},{"name":"CVE-2007-6114","url":"https://www.cve.org/CVERecord?id=CVE-2007-6114"},{"name":"CVE-2007-6117","url":"https://www.cve.org/CVERecord?id=CVE-2007-6117"},{"name":"CVE-2007-6448","url":"https://www.cve.org/CVERecord?id=CVE-2007-6448"},{"name":"CVE-2007-6449","url":"https://www.cve.org/CVERecord?id=CVE-2007-6449"},{"name":"CVE-2007-6444","url":"https://www.cve.org/CVERecord?id=CVE-2007-6444"},{"name":"CVE-2007-6120","url":"https://www.cve.org/CVERecord?id=CVE-2007-6120"},{"name":"CVE-2007-6440","url":"https://www.cve.org/CVERecord?id=CVE-2007-6440"},{"name":"CVE-2007-6118","url":"https://www.cve.org/CVERecord?id=CVE-2007-6118"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Wireshark wnpa-sec-2007-03 du 18    d\u00e9cembre 2007 :","url":"http://www.wireshark.org/security/wnpa-sec-2007-03.html"},{"title":"Site officiel du projet Wireshark :","url":"http://www.wireshark.org"}],"reference":"CERTA-2007-AVI-559","revisions":[{"description":"version initiale.","revision_date":"2007-12-20T00:00:00.000000"},{"description":"ajout de r\u00e9f\u00e9rences CVE.","revision_date":"2007-12-31T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"}],"summary":"Plusieurs vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans l'outil d'analyse\nprotocolaire Wireshark (prolongement de l'ancien projet Ethereal).\nCelles-ci peuvent \u00eatre exploit\u00e9es au moyen de trames sp\u00e9cialement\nconstruites et envoy\u00e9es \u00e0 distance, afin de perturber le service.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Wireshark","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Wireshark wnpa-sec-2007-03 du 18 d\u00e9cembre 2007","url":null}]}