← volver
CVE-2010-3843

CVE-2010-3843

EPSS 0.3%CWE-787
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
28 may 2021Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack.
Productos afectados
n/a · ettercap