Vulnerability Details : CVE-2016-4082
epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.
Vulnerability category: OverflowDenial of service
Products affected by CVE-2016-4082
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.9:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.10:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4082
0.23%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 61 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4082
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
5.9
|
MEDIUM | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2016-4082
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4082
-
http://www.oracle.com/technetwork/topics/security/bulletinjul2016-3090568.html
Oracle Solaris Bulletin - July 2016Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3585
Debian -- Security Information -- DSA-3585-1 wiresharkThird Party Advisory
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12278
12278 – Buildbot crash output: fuzz-2016-03-22-29021.pcapIssue Tracking;Patch;Vendor Advisory
-
http://www.wireshark.org/security/wnpa-sec-2016-26.html
Wireshark · wnpa-sec-2016-26 · GSM CBCH dissector crashVendor Advisory
-
http://www.securitytracker.com/id/1035685
Wireshark Multiple Dissector Bugs Let Remote Users Deny Service - SecurityTracker
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=0fe522dfc689c3ebd119f2a6775d1f275c5f04d8
code.wireshark Code Review - wireshark.git/commitPatch
Jump to