Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5240

Overview

Vulnerability Score 5.8 5.8
CVE Id CVE-2012-5240
Last Modified 02 Nov 2013 11:28:05
Published 04 Oct 2012 03:55:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector ADJACENT_NETWORK
Access Complexity LOW
Authentication NONE

CVE-2012-5240

Summary

Buffer overflow in the dissect_tlv function in epan/dissectors/packet-ldp.c in the LDP dissector in Wireshark 1.8.x before 1.8.3 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malformed packet.

Vulnerable Systems

Application

  • Wireshark 1.8.0

  • Wireshark 1.8.1

  • Wireshark 1.8.2


References

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7567

CONFIRM - https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7046

CONFIRM - http://www.wireshark.org/security/wnpa-sec-2012-29.html

CONFIRM - http://anonsvn.wireshark.org/viewvc?view=revision&revision=44801

CONFIRM - http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ldp.c?r1=44801&r2=44800&pathrev=44801

SECTRACK - 1027604

BID - 55754


Last Updated: 27 May 2016 11:00:52