| ID |
CVE-2012-1593
|
| Summary |
epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. Per: http://cwe.mitre.org/data/definitions/476.html
'CWE-476: NULL Pointer Dereference' |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.7:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.8:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.8:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.9:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.9:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.10:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.10:*:*:*:*:*:*:*
-
cpe:2.3:a:wireshark:wireshark:1.4.11:*:*:*:*:*:*:*
cpe:2.3:a:wireshark:wireshark:1.4.11:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 3.3 (as of 29-12-2017 - 02:29) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| ADJACENT_NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:A/AC:L/Au:N/C:N/I:N/A:P
|
| oval
via4
|
| accepted | 2013-08-19T04:00:48.884-04:00 | | class | vulnerability | | contributors | | name | Shane Shaffer | | organization | G2, Inc. |
| name | Shane Shaffer | | organization | G2, Inc. |
| | definition_extensions | | comment | Wireshark is installed on the system. | | oval | oval:org.mitre.oval:def:6589 |
| | description | epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet. | | family | windows | | id | oval:org.mitre.oval:def:14991 | | status | accepted | | submitted | 2012-04-12T08:48:06.747-04:00 | | title | ANSI A dissector vulnerability in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 | | version | 7 |
|
| refmap
via4
|
| confirm | | | exploit-db | 18758 | | fedora | - FEDORA-2012-5243
- FEDORA-2012-5256
| | mlist | [oss-security] 20120328 Re: CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6 | | sectrack | 1026874 | | secunia | | | suse | openSUSE-SU-2012:0558 | | xf | wireshark-ansia-dos(74361) |
|
| Last major update |
29-12-2017 - 02:29 |
| Published |
11-04-2012 - 10:39 |
| Last modified |
29-12-2017 - 02:29 |
