CVE-2012-0042

2012-04-1110:39:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

wireshark

cve-2012-0042

null pointer dereference

dos

nvd

security vulnerability

6.2 Medium

AI Score

Confidence

Low

2.9 Low

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

0.005 Low

EPSS

Percentile

74.8%

JSON

Wireshark 1.4.x before 1.4.11 and 1.6.x before 1.6.5 does not properly perform certain string conversions, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted packet, related to epan/to_str.c.

CPENameOperatorVersion
wireshark:wiresharkwiresharkeq1.6.0
wireshark:wiresharkwiresharkeq1.6.4
wireshark:wiresharkwiresharkeq1.6.3
wireshark:wiresharkwiresharkeq1.6.1
wireshark:wiresharkwiresharkeq1.6.2
redhat:enterprise_linuxredhat enterprise linuxeq5
wireshark:wiresharkwiresharkeq1.4.7
wireshark:wiresharkwiresharkeq1.4.2
wireshark:wiresharkwiresharkeq1.4.0
wireshark:wiresharkwiresharkeq1.4.5

CPE	Name	Operator	Version
wireshark:wireshark	wireshark	eq	1.6.0
wireshark:wireshark	wireshark	eq	1.6.4
wireshark:wireshark	wireshark	eq	1.6.3
wireshark:wireshark	wireshark	eq	1.6.1
wireshark:wireshark	wireshark	eq	1.6.2
redhat:enterprise_linux	redhat enterprise linux	eq	5
wireshark:wireshark	wireshark	eq	1.4.7
wireshark:wireshark	wireshark	eq	1.4.2
wireshark:wireshark	wireshark	eq	1.4.0
wireshark:wireshark	wireshark	eq	1.4.5