Wireshark : Security vulnerabilities, CVEs published in October 2012

Copy

CVE-2012-5240

Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.

Max CVSS

5.8

EPSS Score

0.32%

Published

2012-10-04

Updated

2017-09-19

CVE-2012-5238

epan/dissectors/packet-ppp.c in the PPP dissector in Wireshark 1.8.x before 1.8.3 uses incorrect OUI data structures during the decoding of (1) PPP and (2) LCP data, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a malformed packet.

Max CVSS

3.3

EPSS Score

0.20%

Published

2012-10-04

Updated

2017-09-19

CVE-2012-5237

The dissect_hsrp function in epan/dissectors/packet-hsrp.c in the HSRP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Max CVSS

3.3

EPSS Score

0.20%

Published

2012-10-04

Updated

2017-09-19

3 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!