CVE Vulnerabilities

CVE-2013-1576

Published: Feb 03, 2013 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.9 LOW
AV:A/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.6.0 1.6.0
Wireshark Wireshark 1.6.12 1.6.12
Wireshark Wireshark 1.6.4 1.6.4
Wireshark Wireshark 1.6.8 1.6.8
Wireshark Wireshark 1.6.5 1.6.5
Wireshark Wireshark 1.6.3 1.6.3
Wireshark Wireshark 1.6.7 1.6.7
Wireshark Wireshark 1.6.1 1.6.1
Wireshark Wireshark 1.6.6 1.6.6
Wireshark Wireshark 1.6.11 1.6.11
Wireshark Wireshark 1.6.2 1.6.2
Wireshark Wireshark 1.6.9 1.6.9
Wireshark Wireshark 1.6.10 1.6.10

References