Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-sarb-ztwn-1ugh
Vulnerability ID VCID-sarb-ztwn-1ugh
Aliases CVE-2011-1591
Summary Multiple vulnerabilities in Wireshark allow for the remote execution of arbitrary code, or a Denial of Service condition.
Status Published
Exploitability 2.0
Weighted Severity 8.4
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-122 Heap-based Buffer Overflow
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
System Score Found at
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
epss 0.77213 https://api.first.org/data/v1/epss?cve=CVE-2011-1591
cvssv2 9.3 https://nvd.nist.gov/vuln/detail/CVE-2011-1591
Reference id Reference type URL
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058900.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058983.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058993.html
http://openwall.com/lists/oss-security/2011/04/18/2
http://openwall.com/lists/oss-security/2011/04/18/8
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-1591.json
https://api.first.org/data/v1/epss?cve=CVE-2011-1591
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5836
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5838
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1591
http://secunia.com/advisories/44172
http://secunia.com/advisories/44374
http://securitytracker.com/id?1025389
https://exchange.xforce.ibmcloud.com/vulnerabilities/66834
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15000
http://www.exploit-db.com/exploits/17185
http://www.exploit-db.com/exploits/17195
http://www.kb.cert.org/vuls/id/243670
http://www.mandriva.com/security/advisories?name=MDVSA-2011:083
http://www.osvdb.org/71848
http://www.vupen.com/english/advisories/2011/1022
http://www.vupen.com/english/advisories/2011/1106
http://www.wireshark.org/security/wnpa-sec-2011-06.html
697746 https://bugzilla.redhat.com/show_bug.cgi?id=697746
cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
CVE-2011-1591 https://nvd.nist.gov/vuln/detail/CVE-2011-1591
CVE-2011-1591;OSVDB-71848 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/18145.py
CVE-2011-1591;OSVDB-71848 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/17185.py
CVE-2011-1591;OSVDB-71848 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/17186.rb
CVE-2011-1591;OSVDB-71848 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/17195.rb
GLSA-201110-02 https://security.gentoo.org/glsa/201110-02
Data source Exploit-DB
Date added April 21, 2011
Description Wireshark 1.4.4 - 'packet-dect.c' Remote Stack Buffer Overflow (Metasploit) (2)
Ransomware campaign use Known
Source publication date April 19, 2011
Exploit type remote
Platform windows
Source update date April 21, 2011
Data source Metasploit
Description This module exploits a stack buffer overflow in Wireshark <= 1.4.4 by sending a malicious packet.
Note 
Reliability:
  - unknown-reliability
Stability:
  - unknown-stability
SideEffects:
  - unknown-side-effects
Ransomware campaign use Unknown
Source publication date April 18, 2011
Platform Windows
Source URL https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/windows/misc/wireshark_packet_dect.rb
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C Found at https://nvd.nist.gov/vuln/detail/CVE-2011-1591
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.98963
EPSS Score 0.77213
Published At April 1, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:01:11.417325+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/201110-02 38.0.0