Vulnerability Details : CVE-2016-4081
epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Vulnerability category: BypassGain privilegeDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2016-4081
Probability of exploitation activity in the next 30 days: 0.36%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 69 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-4081
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST |
5.9
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2016-4081
-
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4081
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Oracle Solaris Bulletin - July 2016
-
http://www.debian.org/security/2016/dsa-3585
Debian -- Security Information -- DSA-3585-1 wireshark
-
http://www.wireshark.org/security/wnpa-sec-2016-24.html
Wireshark · wnpa-sec-2016-24 · IAX2 infinite loopVendor Advisory
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12260
12260 – Buildbot crash output: fuzz-2016-03-14-17433.pcap
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=42f299be6abb302f32cec78b1c0812364c9f9285
code.wireshark Code Review - wireshark.git/commit
-
http://www.securitytracker.com/id/1035685
Wireshark Multiple Dissector Bugs Let Remote Users Deny Service - SecurityTracker
Products affected by CVE-2016-4081
- cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*