Published: 22/07/2015 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

epan/dissectors/packet-gsm_a_dtap.c in the GSM DTAP dissector in Wireshark 1.12.x prior to 1.12.6 does not properly validate digit characters, which allows remote malicious users to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 8.0
wireshark wireshark 1.12.4
wireshark wireshark 1.12.5
wireshark wireshark 1.12.0
wireshark wireshark 1.12.2
wireshark wireshark 1.12.1
wireshark wireshark 1.12.3

epan/dissectors/packet-gsm_a_dtapc in the GSM DTAP dissector in Wireshark 112x before 1126 does not properly validate digit characters, which allows remote attackers to cause a denial of service (application crash) via a crafted packet, related to the de_emerg_num_list and de_bcd_num functions ...

CWE-20 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=11201 http://www.wireshark.org/security/wnpa-sec-2015-20.html http://www.debian.org/security/2015/dsa-3294 http://www.securityfocus.com/bid/75316 http://www.securitytracker.com/id/1032662 http://lists.opensuse.org/opensuse-updates/2015-07/msg00020.html https://security.gentoo.org/glsa/201510-03 https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=d93be95fc0e7011e8b4ade9171e7e66146063296 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2015-4652

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2015-4652

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect