Vulnerability Details : CVE-2016-6508

epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet.

Vulnerability category: Denial of service

Published 2016-08-06 23:59:07

Updated 2016-11-28 20:33:26

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2016-6508

Probability of exploitation activity in the next 30 days: 0.31%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 66 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-6508

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.3	MEDIUM	AV:N/AC:M/Au:N/C:N/I:N/A:P	8.6	2.9	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial
5.9	MEDIUM	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H	2.2	3.6	[email protected]
Attack Vector: Network Attack Complexity: High Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2016-6508

CWE-399

Assigned by: [email protected] (Primary)

References for CVE-2016-6508

Products affected by CVE-2016-6508

Wireshark » Wireshark » Version: 1.12.0
cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.1
cpe:2.3:a:wireshark:wireshark:1.12.1:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.2
cpe:2.3:a:wireshark:wireshark:1.12.2:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.3
cpe:2.3:a:wireshark:wireshark:1.12.3:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.4
cpe:2.3:a:wireshark:wireshark:1.12.4:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.5
cpe:2.3:a:wireshark:wireshark:1.12.5:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.6
cpe:2.3:a:wireshark:wireshark:1.12.6:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.7
cpe:2.3:a:wireshark:wireshark:1.12.7:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.8
cpe:2.3:a:wireshark:wireshark:1.12.8:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 2.0.0
cpe:2.3:a:wireshark:wireshark:2.0.0:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 2.0.1
cpe:2.3:a:wireshark:wireshark:2.0.1:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.9
cpe:2.3:a:wireshark:wireshark:1.12.9:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.10
cpe:2.3:a:wireshark:wireshark:1.12.10:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 2.0.2
cpe:2.3:a:wireshark:wireshark:2.0.2:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.11
cpe:2.3:a:wireshark:wireshark:1.12.11:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 2.0.3
cpe:2.3:a:wireshark:wireshark:2.0.3:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.12.12
cpe:2.3:a:wireshark:wireshark:1.12.12:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 2.0.4
cpe:2.3:a:wireshark:wireshark:2.0.4:*:*:*:*:*:*:*
Matching versions