Security Advisory

CVE-2018-14438

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-07-20 00:00:00

Last updated 2024-08-05 09:29:51

Assigner mitre

State PUBLISHED

Description

In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily.

← Browse all CVEs View on cve.org ↗