Published: 06/08/2016 Updated: 07/11/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

epan/dissectors/packet-wap.c in Wireshark 2.x prior to 2.0.5 omits an overflow check in the tvb_get_guintvar function, which allows remote malicious users to cause a denial of service (infinite loop) via a crafted packet, related to the MMSE, WAP, WBXML, and WSP dissectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
wireshark wireshark 2.0.0
wireshark wireshark 2.0.4
wireshark wireshark 2.0.1
wireshark wireshark 2.0.2
wireshark wireshark 2.0.3

Build Information: TShark (Wireshark) 202 (SVN Rev Unknown from unknown) Copyright 1998-2016 Gerald Combs <gerald@wiresharkorg> and contributors License GPLv2+: GNU GPL version 2 or later <wwwgnuorg/licenses/old-licenses/gpl-20html> This is free software; see the source for copying conditions There is NO warranty; not e ...

CWE-20 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12661 http://www.wireshark.org/security/wnpa-sec-2016-48.html http://openwall.com/lists/oss-security/2016/07/28/3 http://www.securitytracker.com/id/1036480 http://www.securityfocus.com/bid/92174 https://www.exploit-db.com/exploits/40195/https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=2193bea3212d74e2a907152055e27d409b59485e https://nvd.nist.gov https://www.exploit-db.com/exploits/40195/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-6512

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect