CVE Vulnerabilities

CVE-2016-6508

Published: Aug 06, 2016 | Modified: Nov 28, 2016
CVSS 3.x
5.9
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 MODERATE
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
5.9 MODERATE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu

epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.

Affected Software

Name Vendor Start Version End Version
Wireshark Wireshark 1.12.0 1.12.0
Wireshark Wireshark 1.12.1 1.12.1
Wireshark Wireshark 1.12.2 1.12.2
Wireshark Wireshark 1.12.3 1.12.3
Wireshark Wireshark 1.12.4 1.12.4
Wireshark Wireshark 1.12.5 1.12.5
Wireshark Wireshark 1.12.6 1.12.6
Wireshark Wireshark 1.12.7 1.12.7
Wireshark Wireshark 1.12.8 1.12.8
Wireshark Wireshark 1.12.9 1.12.9
Wireshark Wireshark 1.12.10 1.12.10
Wireshark Wireshark 1.12.11 1.12.11
Wireshark Wireshark 1.12.12 1.12.12
Wireshark Wireshark 2.0.0 2.0.0
Wireshark Wireshark 2.0.1 2.0.1
Wireshark Wireshark 2.0.2 2.0.2
Wireshark Wireshark 2.0.3 2.0.3
Wireshark Wireshark 2.0.4 2.0.4
Wireshark Ubuntu precise *
Wireshark Ubuntu trusty *
Wireshark Ubuntu trusty/esm *
Wireshark Ubuntu upstream *
Wireshark Ubuntu xenial *

References