Ubuntu.comUB:CVE-2012-2392

HistoryJun 30, 2012 - 12:00 a.m.

CVE-2012-2392

2012-06-3000:00:00

ubuntu.com

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

50.6%

JSON

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote
attackers to cause a denial of service (infinite loop) via vectors related
to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP
dissectors.

Notes

Author	Note
jdstrand	Per Debian, not suitable for code injection

References

www.openwall.com/lists/oss-security/2012/05/23/17

bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125

bugzilla.redhat.com/show_bug.cgi?id=824411

launchpad.net/bugs/cve/CVE-2012-2392

nvd.nist.gov/vuln/detail/CVE-2012-2392

security-tracker.debian.org/tracker/CVE-2012-2392

www.cve.org/CVERecord?id=CVE-2012-2392

3.3 Low

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

50.6%

JSON

Related for UB:CVE-2012-2392