CVE-2012-1596

Published: Apr 11, 2012Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The mp2t_process_fragmented_payload function in epan/dissectors/packet-mp2t.c in the MP2T dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (application crash) via a packet containing an invalid pointer value that triggers an incorrect memory-allocation attempt.

Affected (18)

Products: Wireshark: Wireshark

1 product

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.4.0
Wireshark Wireshark	Version 1.4.10
Wireshark Wireshark	Version 1.4.11
Wireshark Wireshark	Version 1.4.1
Wireshark Wireshark	Version 1.4.2
Wireshark Wireshark	Version 1.4.3
Wireshark Wireshark	Version 1.4.4
Wireshark Wireshark	Version 1.4.5
Wireshark Wireshark	Version 1.4.6
Wireshark Wireshark	Version 1.4.7
Wireshark Wireshark	Version 1.4.8
Wireshark Wireshark	Version 1.4.9

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Wireshark Wireshark	Version 1.6.0
Wireshark Wireshark	Version 1.6.1
Wireshark Wireshark	Version 1.6.2
Wireshark Wireshark	Version 1.6.3
Wireshark Wireshark	Version 1.6.4
Wireshark Wireshark	Version 1.6.5

Related CWEs

References (26)

http://anonsvn.wireshark.org/viewvc?view=revision&revision=41001

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html

Source: secalert@redhat.com

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html

Source: secalert@redhat.com

http://secunia.com/advisories/48548

Source: secalert@redhat.com

http://secunia.com/advisories/48986

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2012/03/28/13

Source: secalert@redhat.com

http://www.securityfocus.com/bid/52736

Source: secalert@redhat.com

http://www.securitytracker.com/id?1026874

Source: secalert@redhat.com

http://www.wireshark.org/security/wnpa-sec-2012-07.html

Source: secalert@redhat.com

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6833

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/74363

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15194

Source: secalert@redhat.com

http://anonsvn.wireshark.org/viewvc?view=revision&revision=41001

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078769.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.fedoraproject.org/pipermail/package-announce/2012-April/078770.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2012-04/msg00060.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48548

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/48986

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2012/03/28/13

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/52736

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securitytracker.com/id?1026874

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.wireshark.org/security/wnpa-sec-2012-07.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6833

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/74363

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15194

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.