5

CVE-2012-4287

Exploit
epan/dissectors/packet-mongo.c in the MongoDB dissector in Wireshark 1.8.x before 1.8.2 allows remote attackers to cause a denial of service (loop and CPU consumption) via a small value for a BSON document length.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
SunSunos Version5.11
WiresharkWireshark Version1.8.0
WiresharkWireshark Version1.8.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.45% 0.823
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/54425
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
http://www.securityfocus.com/bid/55035
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
https://hermes.opensuse.org/messages/15514562
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-mongo.c?r1=44288&r2=44287&pathrev=44288
Patch
Exploit
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44288
http://www.wireshark.org/security/wnpa-sec-2012-14.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7572
Exploit
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15818