CVE Vulnerabilities

CVE-2013-4929

Published: Jul 30, 2013 | Modified: Sep 19, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

The parseFields function in epan/dissectors/packet-dis-pdus.c in the DIS dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not terminate packet-data processing after finding zero remaining bytes, which allows remote attackers to cause a denial of service (loop) via a crafted packet.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.8.6 1.8.6
Wireshark Wireshark 1.8.2 1.8.2
Wireshark Wireshark 1.8.3 1.8.3
Wireshark Wireshark 1.8.1 1.8.1
Wireshark Wireshark 1.8.7 1.8.7
Wireshark Wireshark 1.8.0 1.8.0
Wireshark Wireshark 1.8.4 1.8.4
Wireshark Wireshark 1.8.5 1.8.5
Wireshark Wireshark 1.8.8 1.8.8

References