Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-9jxw-vn6y-c7h3
Vulnerability ID VCID-9jxw-vn6y-c7h3
Aliases CVE-2010-4538
Summary Multiple vulnerabilities in Wireshark allow for the remote execution of arbitrary code, or a Denial of Service condition.
Status Published
Exploitability 2.0
Weighted Severity 8.4
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.44468 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
epss 0.50594 https://api.first.org/data/v1/epss?cve=CVE-2010-4538
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2010-4538
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html
http://openwall.com/lists/oss-security/2010/12/31/7
http://openwall.com/lists/oss-security/2011/01/03/8
http://osvdb.org/70244
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-4538.json
https://api.first.org/data/v1/epss?cve=CVE-2010-4538
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4538
http://secunia.com/advisories/42767
http://secunia.com/advisories/42853
http://secunia.com/advisories/42910
http://secunia.com/advisories/42914
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14937
http://www.debian.org/security/2011/dsa-2144
http://www.mandriva.com/security/advisories?name=MDVSA-2011:002
http://www.redhat.com/support/errata/RHSA-2011-0013.html
http://www.securityfocus.com/bid/45634
http://www.securitytracker.com/id?1024930
http://www.vupen.com/english/advisories/2011/0008
http://www.vupen.com/english/advisories/2011/0053
http://www.vupen.com/english/advisories/2011/0069
http://www.vupen.com/english/advisories/2011/0079
http://www.vupen.com/english/advisories/2011/0099
http://www.vupen.com/english/advisories/2011/0110
608990 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608990
666894 https://bugzilla.redhat.com/show_bug.cgi?id=666894
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
CVE-2010-1894;MS10-048 Exploit https://www.securityfocus.com/bid/bid/info
CVE-2010-4538 https://nvd.nist.gov/vuln/detail/CVE-2010-4538
CVE-2010-4538;OSVDB-70244 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/15898.py
GLSA-201110-02 https://security.gentoo.org/glsa/201110-02
RHSA-2011:0013 https://access.redhat.com/errata/RHSA-2011:0013
Data source Exploit-DB
Date added Jan. 3, 2011
Description Wireshark - ENTTEC DMX Data RLE Buffer Overflow
Ransomware campaign use Known
Source publication date Jan. 3, 2011
Exploit type dos
Platform multiple
Source update date Nov. 12, 2016
Source URL https://www.securityfocus.com/bid/bid/info
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2010-4538
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.97547
EPSS Score 0.44468
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:11.223708+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201110-02 38.0.0