CVE-2012-1595

Published: Apr 11, 2012Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

The pcap_process_pseudo_header function in wiretap/pcap-common.c in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a WTAP_ENCAP_ERF file containing an Extension or Multi-Channel header with an invalid pseudoheader size, related to the pcap and pcap-ng file parsers.

Affected (18)

Products: Wireshark: Wireshark

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.4.0
Wireshark Wireshark	Version 1.4.10
Wireshark Wireshark	Version 1.4.11
Wireshark Wireshark	Version 1.4.1
Wireshark Wireshark	Version 1.4.2
Wireshark Wireshark	Version 1.4.3
Wireshark Wireshark	Version 1.4.4
Wireshark Wireshark	Version 1.4.5
Wireshark Wireshark	Version 1.4.6
Wireshark Wireshark	Version 1.4.7
Wireshark Wireshark	Version 1.4.8
Wireshark Wireshark	Version 1.4.9

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.6.0
Wireshark Wireshark	Version 1.6.1
Wireshark Wireshark	Version 1.6.2
Wireshark Wireshark	Version 1.6.3
Wireshark Wireshark	Version 1.6.4
Wireshark Wireshark	Version 1.6.5

Related CWEs

References (30)

http://anonsvn.wireshark.org/viewvc?view=revision&revision=41008

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html

Source: secalert@redhat.com

http://secunia.com/advisories/48548

Source: secalert@redhat.com

http://secunia.com/advisories/48947

Source: secalert@redhat.com

http://secunia.com/advisories/48986

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/03/28/13

Source: secalert@redhat.com

http://www.securityfocus.com/bid/52737

Source: secalert@redhat.com

http://www.securitytracker.com/id?1026874

Source: secalert@redhat.com

http://www.wireshark.org/news/20120327.html

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2012-06.html

Source: secalert@redhat.com

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6804

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/74364

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15548

Source: secalert@redhat.com

http://anonsvn.wireshark.org/viewvc?view=revision&revision=41008

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48548

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48947

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48986

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/03/28/13

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/52737

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026874

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/news/20120327.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2012-06.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6804

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/74364

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15548

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.