[email protected]CVE-2013-4928

HistoryJul 30, 2013 - 12:56 a.m.

CVE-2013-4928

2013-07-3000:56:15

CWE-189

[email protected]

web.nvd.nist.gov

cve-2013-4928

wireshark

bluetooth

obex

nvd

denial of service

6.2 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0 Low

EPSS

Percentile

0.0%

JSON

Integer signedness error in the dissect_headers function in epan/dissectors/packet-btobex.c in the Bluetooth OBEX dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

Affected configurations

NVD

Node

wiresharkwiresharkMatch1.10.0

CPENameOperatorVersion
wireshark:wiresharkwiresharkeq1.10.0

CPE	Name	Operator	Version
wireshark:wireshark	wireshark	eq	1.10.0

References

anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-btobex.c?r1=50258&r2=50257&pathrev=50258

anonsvn.wireshark.org/viewvc?view=revision&revision=50258

secunia.com/advisories/54296

secunia.com/advisories/54425

www.gentoo.org/security/en/glsa/glsa-201308-05.xml

www.wireshark.org/docs/relnotes/wireshark-1.10.1.html

bugs.wireshark.org/bugzilla/show_bug.cgi?id=8875

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17540

www.wireshark.org/security/wnpa-sec-2013-46.html

6.2 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0 Low

EPSS

Percentile

0.0%

JSON

Related for CVE-2013-4928

nvd1 debiancve1 cvelist1 ubuntucve1 prion1 openvas7 nessus8 fedora4 f52 gentoo1