5.9

CVE-2016-6507

epan/dissectors/packet-mmse.c in the MMSE dissector in Wireshark 1.12.x before 1.12.13 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.12.0
WiresharkWireshark Version1.12.1
WiresharkWireshark Version1.12.2
WiresharkWireshark Version1.12.3
WiresharkWireshark Version1.12.4
WiresharkWireshark Version1.12.5
WiresharkWireshark Version1.12.6
WiresharkWireshark Version1.12.7
WiresharkWireshark Version1.12.8
WiresharkWireshark Version1.12.9
WiresharkWireshark Version1.12.10
WiresharkWireshark Version1.12.11
WiresharkWireshark Version1.12.12
WiresharkWireshark Version2.0.0
WiresharkWireshark Version2.0.1
WiresharkWireshark Version2.0.2
WiresharkWireshark Version2.0.3
WiresharkWireshark Version2.0.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.1% 0.793
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://openwall.com/lists/oss-security/2016/07/28/3
Release Notes
http://www.securitytracker.com/id/1036480
http://www.debian.org/security/2016/dsa-3648
http://www.wireshark.org/security/wnpa-sec-2016-43.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12624
Issue Tracking
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=b5a10743258bd016c07ebf6479137fda3d172a0f