Lucene search

K
nvd[email protected]NVD:CVE-2013-1576
HistoryFeb 03, 2013 - 1:55 a.m.

CVE-2013-1576

2013-02-0301:55:06
CWE-310
web.nvd.nist.gov

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

53.6%

The dissect_sdp_media_attribute function in epan/dissectors/packet-sdp.c in the SDP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly process crypto-suite parameters, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.

Affected configurations

NVD
Node
wiresharkwiresharkMatch1.6.0
OR
wiresharkwiresharkMatch1.6.1
OR
wiresharkwiresharkMatch1.6.2
OR
wiresharkwiresharkMatch1.6.3
OR
wiresharkwiresharkMatch1.6.4
OR
wiresharkwiresharkMatch1.6.5
OR
wiresharkwiresharkMatch1.6.6
OR
wiresharkwiresharkMatch1.6.7
OR
wiresharkwiresharkMatch1.6.8
OR
wiresharkwiresharkMatch1.6.9
OR
wiresharkwiresharkMatch1.6.10
OR
wiresharkwiresharkMatch1.6.11
OR
wiresharkwiresharkMatch1.6.12
Node
wiresharkwiresharkMatch1.8.0
OR
wiresharkwiresharkMatch1.8.1
OR
wiresharkwiresharkMatch1.8.2
OR
wiresharkwiresharkMatch1.8.3
OR
wiresharkwiresharkMatch1.8.4

CVSS2

2.9

Attack Vector

ADJACENT_NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:N/A:P

AI Score

5.6

Confidence

High

EPSS

0.002

Percentile

53.6%