Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4291

Overview

Vulnerability Score 3.3 3.3
CVE Id CVE-2012-4291
Last Modified 23 Sep 2014 01:27:14
Published 16 Aug 2012 06:38:08
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-4291

Summary

The CIP dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (memory consumption) via a malformed packet.

Vulnerable Systems

Application

  • Wireshark 1.4.0

  • Wireshark 1.4.1

  • Wireshark 1.4.10

  • Wireshark 1.4.11

  • Wireshark 1.4.12

  • Wireshark 1.4.13

  • Wireshark 1.4.14

  • Wireshark 1.4.2

  • Wireshark 1.4.3

  • Wireshark 1.4.4

  • Wireshark 1.4.5

  • Wireshark 1.4.6

  • Wireshark 1.4.7

  • Wireshark 1.4.8

  • Wireshark 1.4.9

  • Wireshark 1.6.0

  • Wireshark 1.6.1

  • Wireshark 1.6.2

  • Wireshark 1.6.3

  • Wireshark 1.6.4

  • Wireshark 1.6.5

  • Wireshark 1.6.6

  • Wireshark 1.6.7

  • Wireshark 1.6.8

  • Wireshark 1.6.9

  • Wireshark 1.8.0

  • Wireshark 1.8.1


References

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7570

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2012-20.html

SUSE - openSUSE-SU-2012:1067

SUSE - openSUSE-SU-2012:1035

REDHAT - RHSA-2013:0125

BID - 55035

CONFIRM - https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3

SECUNIA - 51363

GENTOO - GLSA-201308-05

SECUNIA - 54425

SECUNIA - 50276

Related Patches

Red Hat 2013:0125-01 RHSA Moderate: wireshark security, bug fix, and enhancement update for RHEL 5 x86

Novell SUSE 2012:6760 wireshark security update for SLE 11 SP2 i586

Novell SUSE 2012:6760 wireshark security update for SLE 11 SP2 x86_64

Novell SUSE 2012:8267 wireshark security update for SLE 10 SP4 i586

Novell SUSE 2012:8267 wireshark security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:49:40