5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
0.002 Low
EPSS
Percentile
51.4%
epan/dissectors/packet-wcp.c in the WCP dissector in Wireshark 1.10.x
before 1.10.13 and 1.12.x before 1.12.4 does not properly initialize a data
structure, which allows remote attackers to cause a denial of service
(out-of-bounds read and application crash) via a crafted packet that is
improperly handled during decompression.
Author | Note |
---|---|
tyhicks | Version 1.12.0 to 1.12.3, 1.10.0 to 1.10.12 are affected |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 17.10 | noarch | wireshark | <Â 1.12.1+g01b65bf-4 | UNKNOWN |
ubuntu | 18.04 | noarch | wireshark | <Â 2.6.3-1~ubuntu18.04.1 | UNKNOWN |
ubuntu | 14.04 | noarch | wireshark | <Â 2.6.3-1~ubuntu14.04.1 | UNKNOWN |
ubuntu | 14.10 | noarch | wireshark | <Â 1.12.1+g01b65bf-2ubuntu14.10.3 | UNKNOWN |
ubuntu | 15.04 | noarch | wireshark | <Â 1.12.1+g01b65bf-4 | UNKNOWN |
ubuntu | 15.10 | noarch | wireshark | <Â 1.12.1+g01b65bf-4 | UNKNOWN |
ubuntu | 16.04 | noarch | wireshark | <Â 2.6.3-1~ubuntu16.04.1 | UNKNOWN |
ubuntu | 16.10 | noarch | wireshark | <Â 1.12.1+g01b65bf-4 | UNKNOWN |
ubuntu | 17.04 | noarch | wireshark | <Â 1.12.1+g01b65bf-4 | UNKNOWN |