CVE-2013-4075 | Vulnerability Database | Aqua Security

epan/dissectors/packet-gmr1_bcch.c in the GMR-1 BCCH dissector in Wireshark 1.8.x before 1.8.8 does not properly initialize memory, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Affected Software

Name	Vendor	Start Version	End Version
Wireshark	Wireshark	1.8.6	1.8.6
Wireshark	Wireshark	1.8.2	1.8.2
Wireshark	Wireshark	1.8.3	1.8.3
Wireshark	Wireshark	1.8.1	1.8.1
Wireshark	Wireshark	1.8.7	1.8.7
Wireshark	Wireshark	1.8.0	1.8.0
Wireshark	Wireshark	1.8.4	1.8.4
Wireshark	Wireshark	1.8.5	1.8.5

References

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gmr1_bcch.c?r1=44674\u0026r2=44673\u0026pathrev=44674
http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
http://www.wireshark.org/security/wnpa-sec-2013-33.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7664
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8726
http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=44674
http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html
http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html
http://www.debian.org/security/2013/dsa-2709
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://secunia.com/advisories/54425
http://secunia.com/advisories/53762
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16859
http://rhn.redhat.com/errata/RHSA-2017-0631.html

NVD	https://nvd.nist.gov/vuln/detail/CVE-2013-4075
CWE	https://cwe.mitre.org/data/definitions/399.html