Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTFR-2014-AVI-502
Vulnerability from certfr_avis - Published: 2014-11-28 - Updated: 2014-11-28
De multiples vulnérabilités ont été corrigées dans les produits F5. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
De multiples produits sont impactés. Se référer au bulletin de l'éditeur pour la liste exhaustive des produits.
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eDe multiples produits sont impact\u00e9s. Se r\u00e9f\u00e9rer au bulletin de l\u0027\u00e9diteur pour la liste exhaustive des produits.\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2011-3048",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3048"
},
{
"name": "CVE-2013-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4921"
},
{
"name": "CVE-2013-4935",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4935"
},
{
"name": "CVE-2013-4920",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4920"
},
{
"name": "CVE-2013-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1944"
},
{
"name": "CVE-2013-4076",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4076"
},
{
"name": "CVE-2013-4077",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4077"
},
{
"name": "CVE-2013-4083",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4083"
},
{
"name": "CVE-2013-4925",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4925"
},
{
"name": "CVE-2013-4926",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4926"
},
{
"name": "CVE-2013-4930",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4930"
},
{
"name": "CVE-2013-4928",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4928"
},
{
"name": "CVE-2010-0405",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0405"
},
{
"name": "CVE-2013-4933",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4933"
},
{
"name": "CVE-2013-4923",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4923"
},
{
"name": "CVE-2013-4929",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4929"
},
{
"name": "CVE-2013-4079",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4079"
},
{
"name": "CVE-2013-4931",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4931"
},
{
"name": "CVE-2013-4932",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4932"
},
{
"name": "CVE-2013-4082",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4082"
},
{
"name": "CVE-2013-4075",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4075"
},
{
"name": "CVE-2013-4927",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4927"
},
{
"name": "CVE-2013-4936",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4936"
},
{
"name": "CVE-2013-4078",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4078"
},
{
"name": "CVE-2013-1862",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1862"
},
{
"name": "CVE-2013-4924",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4924"
},
{
"name": "CVE-2011-1071",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1071"
},
{
"name": "CVE-2013-4080",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4080"
},
{
"name": "CVE-2013-4934",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4934"
},
{
"name": "CVE-2013-4922",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4922"
},
{
"name": "CVE-2013-4074",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4074"
},
{
"name": "CVE-2012-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2141"
},
{
"name": "CVE-2013-4081",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4081"
}
],
"initial_release_date": "2014-11-28T00:00:00",
"last_revision_date": "2014-11-28T00:00:00",
"links": [],
"reference": "CERTFR-2014-AVI-502",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-11-28T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eF5\u003c/span\u003e. Elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits F5",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15883 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15883.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15881 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15881.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15878 du 26 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15877.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15877 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15877.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15885 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15885.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15868 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15868.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 F5 SOL15875 du 27 novembre 2014",
"url": "https://support.f5.com/kb/en-us/solutions/public/15000/800/sol15875.html"
}
]
}
CVE-2013-4078 (GCVE-0-2013-4078)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
13 references
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.898Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "oval:org.mitre.oval:def:16936",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16936"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=45566"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=46158"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-36.html"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "oval:org.mitre.oval:def:16936",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16936"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=45566"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=46158"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-36.html"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4078",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before 1.8.8 does not validate return values during checks for data availability, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "oval:org.mitre.oval:def:16936",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16936"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=45566",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=45566"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=46158",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=46158"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-36.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-36.html"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4078",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:49.898Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4079 (GCVE-0-2013-4079)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
11 references
| URL | Tags |
|---|---|
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://secunia.com/advisories/53762 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://anonsvn.wireshark.org/viewvc/trunk/epan/di… | x_refsource_CONFIRM |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://www.wireshark.org/security/wnpa-sec-2013-37.html | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686\u0026r2=49685\u0026pathrev=49686"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49686"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-37.html"
},
{
"name": "oval:org.mitre.oval:def:16691",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16691"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686\u0026r2=49685\u0026pathrev=49686"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49686"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-37.html"
},
{
"name": "oval:org.mitre.oval:def:16691",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16691"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4079",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_schedule_message function in epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.8.x before 1.8.8 allows remote attackers to cause a denial of service (infinite loop and application hang) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8730"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686\u0026r2=49685\u0026pathrev=49686",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_cbch.c?r1=49686\u0026r2=49685\u0026pathrev=49686"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49686",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49686"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-37.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-37.html"
},
{
"name": "oval:org.mitre.oval:def:16691",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16691"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4079",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:49.971Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4080 (GCVE-0-2013-4080)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://secunia.com/advisories/53762 | third-party-advisoryx_refsource_SECUNIA |
| http://www.wireshark.org/security/wnpa-sec-2013-38.html | x_refsource_CONFIRM |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.securityfocus.com/bid/60503 | vdb-entryx_refsource_BID |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://anonsvn.wireshark.org/viewvc/trunk/epan/di… | x_refsource_CONFIRM |
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.014Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-38.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"name": "oval:org.mitre.oval:def:16873",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16873"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "60503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60503"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49744"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744\u0026r2=49743\u0026pathrev=49744"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-38.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"name": "oval:org.mitre.oval:def:16873",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16873"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "60503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60503"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49744"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744\u0026r2=49743\u0026pathrev=49744"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4080",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_r3_upstreamcommand_queryconfig function in epan/dissectors/packet-assa_r3.c in the Assa Abloy R3 dissector in Wireshark 1.8.x before 1.8.8 does not properly handle a zero-length item, which allows remote attackers to cause a denial of service (infinite loop, and CPU and memory consumption) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-38.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-38.html"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "oval:org.mitre.oval:def:16873",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16873"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8764"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "60503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60503"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49744",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49744"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744\u0026r2=49743\u0026pathrev=49744",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-assa_r3.c?r1=49744\u0026r2=49743\u0026pathrev=49744"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4080",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:50.014Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4081 (GCVE-0-2013-4081)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-39.html"
},
{
"name": "RHSA-2014:0341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623\u0026r2=49622\u0026pathrev=49623"
},
{
"name": "oval:org.mitre.oval:def:16820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "60505",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60505"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "MDVSA-2013:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49623"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-39.html"
},
{
"name": "RHSA-2014:0341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623\u0026r2=49622\u0026pathrev=49623"
},
{
"name": "oval:org.mitre.oval:def:16820",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "60505",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60505"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "MDVSA-2013:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49623"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4081",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-39.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-39.html"
},
{
"name": "RHSA-2014:0341",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623\u0026r2=49622\u0026pathrev=49623",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623\u0026r2=49622\u0026pathrev=49623"
},
{
"name": "oval:org.mitre.oval:def:16820",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16820"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "60505",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/60505"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "MDVSA-2013:172",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8733"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49623",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49623"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4081",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:49.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4082 (GCVE-0-2013-4082)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://secunia.com/advisories/53762 | third-party-advisoryx_refsource_SECUNIA |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
| http://www.debian.org/security/2013/dsa-2709 | vendor-advisoryx_refsource_DEBIAN |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://anonsvn.wireshark.org/viewvc/trunk/wiretap… | x_refsource_CONFIRM |
| http://www.wireshark.org/security/wnpa-sec-2013-40.html | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://lists.opensuse.org/opensuse-updates/2013-0… | vendor-advisoryx_refsource_SUSE |
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:49.925Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49739"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739\u0026r2=49738\u0026pathrev=49739"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-40.html"
},
{
"name": "oval:org.mitre.oval:def:16886",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16886"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49739"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739\u0026r2=49738\u0026pathrev=49739"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-40.html"
},
{
"name": "oval:org.mitre.oval:def:16886",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16886"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4082",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The vwr_read function in wiretap/vwr.c in the Ixia IxVeriWave file parser in Wireshark 1.8.x before 1.8.8 does not validate the relationship between a record length and a trailer length, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8760"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "DSA-2709",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49739",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49739"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739\u0026r2=49738\u0026pathrev=49739",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/wiretap/vwr.c?r1=49739\u0026r2=49738\u0026pathrev=49739"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-40.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-40.html"
},
{
"name": "oval:org.mitre.oval:def:16886",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16886"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4082",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:49.925Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4083 (GCVE-0-2013-4083)
Vulnerability from cvelistv5 – Published: 2013-06-09 21:00 – Updated: 2024-08-06 16:30
VLAI
EPSS
Summary
The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
17 references
Date Public
2013-06-07 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:30:50.040Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "RHSA-2014:0341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802\u0026r2=49801\u0026pathrev=49802"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-41.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49802"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54296"
},
{
"name": "oval:org.mitre.oval:def:16375",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375"
},
{
"name": "MDVSA-2013:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-06-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/53762"
},
{
"name": "RHSA-2014:0341",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802\u0026r2=49801\u0026pathrev=49802"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/security/wnpa-sec-2013-41.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49802"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54296"
},
{
"name": "oval:org.mitre.oval:def:16375",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375"
},
{
"name": "MDVSA-2013:172",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"name": "openSUSE-SU-2013:1084",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4083",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The dissect_pft function in epan/dissectors/packet-dcp-etsi.c in the DCP ETSI dissector in Wireshark 1.6.x before 1.6.16, 1.8.x before 1.8.8, and 1.10.0 does not validate a certain fragment length value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8717"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html"
},
{
"name": "53762",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/53762"
},
{
"name": "RHSA-2014:0341",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2014-0341.html"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "openSUSE-SU-2013:1086",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00196.html"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.6.16.html"
},
{
"name": "DSA-2709",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2013/dsa-2709"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802\u0026r2=49801\u0026pathrev=49802",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcp-etsi.c?r1=49802\u0026r2=49801\u0026pathrev=49802"
},
{
"name": "http://www.wireshark.org/security/wnpa-sec-2013-41.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/security/wnpa-sec-2013-41.html"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49802",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=49802"
},
{
"name": "54296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54296"
},
{
"name": "oval:org.mitre.oval:def:16375",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16375"
},
{
"name": "MDVSA-2013:172",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:172"
},
{
"name": "openSUSE-SU-2013:1084",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-updates/2013-06/msg00194.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4083",
"datePublished": "2013-06-09T21:00:00.000Z",
"dateReserved": "2013-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:30:50.040Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4920 (GCVE-0-2013-4920)
Vulnerability from cvelistv5 – Published: 2013-07-29 19:00 – Updated: 2024-08-06 16:59
VLAI
EPSS
Summary
The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| https://www.wireshark.org/security/wnpa-sec-2013-… | x_refsource_CONFIRM |
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://secunia.com/advisories/54296 | third-party-advisoryx_refsource_SECUNIA |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
Date Public
2013-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.024Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8826"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-42.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17089",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17089"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50083"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8826"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-42.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17089",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17089"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50083"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4920",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The P1 dissector in Wireshark 1.10.x before 1.10.1 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8826",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8826"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "https://www.wireshark.org/security/wnpa-sec-2013-42.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2013-42.html"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17089",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17089"
},
{
"name": "54296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54296"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50083",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50083"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4920",
"datePublished": "2013-07-29T19:00:00.000Z",
"dateReserved": "2013-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:59:41.024Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4921 (GCVE-0-2013-4921)
Vulnerability from cvelistv5 – Published: 2013-07-29 19:00 – Updated: 2024-08-06 16:59
VLAI
EPSS
Summary
Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| http://anonsvn.wireshark.org/viewvc/trunk/epan/di… | x_refsource_CONFIRM |
| https://www.wireshark.org/security/wnpa-sec-2013-… | x_refsource_CONFIRM |
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54296 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2013-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.939Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17514",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17514"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ieee80211-radiotap.c?r1=50090\u0026r2=50089\u0026pathrev=50090"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-43.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8830"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50090"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "oval:org.mitre.oval:def:17514",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17514"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ieee80211-radiotap.c?r1=50090\u0026r2=50089\u0026pathrev=50090"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-43.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8830"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50090"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4921",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "oval:org.mitre.oval:def:17514",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17514"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ieee80211-radiotap.c?r1=50090\u0026r2=50089\u0026pathrev=50090",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-ieee80211-radiotap.c?r1=50090\u0026r2=50089\u0026pathrev=50090"
},
{
"name": "https://www.wireshark.org/security/wnpa-sec-2013-43.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2013-43.html"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8830",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8830"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50090",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50090"
},
{
"name": "54296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4921",
"datePublished": "2013-07-29T19:00:00.000Z",
"dateReserved": "2013-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:59:40.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4922 (GCVE-0-2013-4922)
Vulnerability from cvelistv5 – Published: 2013-07-29 19:00 – Updated: 2024-08-06 16:59
VLAI
EPSS
Summary
Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
| https://www.wireshark.org/security/wnpa-sec-2013-… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54296 | third-party-advisoryx_refsource_SECUNIA |
| http://anonsvn.wireshark.org/viewvc/trunk/epan/di… | x_refsource_CONFIRM |
Date Public
2013-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:40.803Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17456"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17456",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17456"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4922",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Double free vulnerability in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "oval:org.mitre.oval:def:17456",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17456"
},
{
"name": "https://www.wireshark.org/security/wnpa-sec-2013-44.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54296"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4922",
"datePublished": "2013-07-29T19:00:00.000Z",
"dateReserved": "2013-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:59:40.803Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4923 (GCVE-0-2013-4923)
Vulnerability from cvelistv5 – Published: 2013-07-29 19:00 – Updated: 2024-08-06 16:59
VLAI
EPSS
Summary
Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
9 references
| URL | Tags |
|---|---|
| https://bugs.wireshark.org/bugzilla/show_bug.cgi?… | x_refsource_CONFIRM |
| http://anonsvn.wireshark.org/viewvc?view=revision… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54425 | third-party-advisoryx_refsource_SECUNIA |
| http://www.wireshark.org/docs/relnotes/wireshark-… | x_refsource_CONFIRM |
| http://www.gentoo.org/security/en/glsa/glsa-20130… | vendor-advisoryx_refsource_GENTOO |
| https://www.wireshark.org/security/wnpa-sec-2013-… | x_refsource_CONFIRM |
| http://secunia.com/advisories/54296 | third-party-advisoryx_refsource_SECUNIA |
| http://anonsvn.wireshark.org/viewvc/trunk/epan/di… | x_refsource_CONFIRM |
| https://oval.cisecurity.org/repository/search/def… | vdb-entrysignaturex_refsource_OVAL |
Date Public
2013-07-26 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:59:41.120Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
},
{
"name": "oval:org.mitre.oval:def:16731",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16731"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-07-26T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54425"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/54296"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
},
{
"name": "oval:org.mitre.oval:def:16731",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16731"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-4923",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Memory leak in the dissect_dcom_ActivationProperties function in epan/dissectors/packet-dcom-sysact.c in the DCOM ISystemActivator dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (memory consumption) via crafted packets."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828",
"refsource": "CONFIRM",
"url": "https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8828"
},
{
"name": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc?view=revision\u0026revision=50094"
},
{
"name": "54425",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54425"
},
{
"name": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html",
"refsource": "CONFIRM",
"url": "http://www.wireshark.org/docs/relnotes/wireshark-1.10.1.html"
},
{
"name": "GLSA-201308-05",
"refsource": "GENTOO",
"url": "http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml"
},
{
"name": "https://www.wireshark.org/security/wnpa-sec-2013-44.html",
"refsource": "CONFIRM",
"url": "https://www.wireshark.org/security/wnpa-sec-2013-44.html"
},
{
"name": "54296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/54296"
},
{
"name": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094",
"refsource": "CONFIRM",
"url": "http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-dcom-sysact.c?r1=50094\u0026r2=50093\u0026pathrev=50094"
},
{
"name": "oval:org.mitre.oval:def:16731",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16731"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-4923",
"datePublished": "2013-07-29T19:00:00.000Z",
"dateReserved": "2013-07-26T00:00:00.000Z",
"dateUpdated": "2024-08-06T16:59:41.120Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…