Back to search
CVE-2012-2393
Published: Jun 30, 2012
Modified: Aug 6, 2024
PUBLISHED
Description
epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MDVSA-2012:015
vendor-advisory
x_refsource_MANDRIVA
1027094
vdb-entry
x_refsource_SECTRACK
MDVSA-2012:042
vendor-advisory
x_refsource_MANDRIVA
http://anonsvn.wireshark.org/viewvc?view=revision&revision=42200
x_refsource_CONFIRM
53652
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:15558
vdb-entry
signature
x_refsource_OVAL
49226
third-party-advisory
x_refsource_SECUNIA
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138
x_refsource_CONFIRM
http://www.wireshark.org/security/wnpa-sec-2012-09.html
x_refsource_CONFIRM
MDVSA-2012:080
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now