Stack consumption vulnerability in the dissect_ber_choice function in the BER dissector in Wireshark 1.2.x through 1.2.15 and 1.4.x through 1.4.4 might allow remote attackers to cause a denial of service (infinite loop) via vectors involving self-referential ASN.1 CHOICE values.
The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Wireshark | Wireshark | 1.2.0 | 1.2.0 |
Wireshark | Wireshark | 1.2.1 | 1.2.1 |
Wireshark | Wireshark | 1.2.2 | 1.2.2 |
Wireshark | Wireshark | 1.2.3 | 1.2.3 |
Wireshark | Wireshark | 1.2.4 | 1.2.4 |
Wireshark | Wireshark | 1.2.5 | 1.2.5 |
Wireshark | Wireshark | 1.2.6 | 1.2.6 |
Wireshark | Wireshark | 1.2.7 | 1.2.7 |
Wireshark | Wireshark | 1.2.8 | 1.2.8 |
Wireshark | Wireshark | 1.2.9 | 1.2.9 |
Wireshark | Wireshark | 1.2.10 | 1.2.10 |
Wireshark | Wireshark | 1.2.11 | 1.2.11 |
Wireshark | Wireshark | 1.2.12 | 1.2.12 |
Wireshark | Wireshark | 1.2.13 | 1.2.13 |
Wireshark | Wireshark | 1.2.14 | 1.2.14 |
Wireshark | Wireshark | 1.2.15 | 1.2.15 |
Wireshark | Wireshark | 1.4.0 | 1.4.0 |
Wireshark | Wireshark | 1.4.1 | 1.4.1 |
Wireshark | Wireshark | 1.4.2 | 1.4.2 |
Wireshark | Wireshark | 1.4.3 | 1.4.3 |
Wireshark | Wireshark | 1.4.4 | 1.4.4 |