8.3
CVE-2012-4297
- EPSS 2.27%
- Veröffentlicht 16.08.2012 10:38:09
- Zuletzt bearbeitet 16.06.2026 23:44:48
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Buffer overflow in the dissect_gsm_rlcmac_downlink function in epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC MAC dissector in Wireshark 1.6.x before 1.6.10 and 1.8.x before 1.8.2 allows remote attackers to execute arbitrary code via a malformed packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.27% | 0.808 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.3 | 6.5 | 10 |
AV:A/AC:L/Au:N/C:C/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.
http://secunia.com/advisories/54425
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://secunia.com/advisories/50276
http://secunia.com/advisories/51363
http://www.securityfocus.com/bid/55035
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3
https://hermes.opensuse.org/messages/15514562
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-gsm_rlcmac.h?r1=44307&r2=44306&pathrev=44307
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44307
http://www.wireshark.org/security/wnpa-sec-2012-19.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7561
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15741