5.9

CVE-2016-6510

Off-by-one error in epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) via a crafted packet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WiresharkWireshark Version1.12.0
WiresharkWireshark Version1.12.1
WiresharkWireshark Version1.12.2
WiresharkWireshark Version1.12.3
WiresharkWireshark Version1.12.4
WiresharkWireshark Version1.12.5
WiresharkWireshark Version1.12.6
WiresharkWireshark Version1.12.7
WiresharkWireshark Version1.12.8
WiresharkWireshark Version1.12.9
WiresharkWireshark Version1.12.10
WiresharkWireshark Version1.12.11
WiresharkWireshark Version1.12.12
WiresharkWireshark Version2.0.0
WiresharkWireshark Version2.0.1
WiresharkWireshark Version2.0.2
WiresharkWireshark Version2.0.3
WiresharkWireshark Version2.0.4
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.34% 0.814
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.9 2.2 3.6
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://openwall.com/lists/oss-security/2016/07/28/3
Mailing List
http://www.securitytracker.com/id/1036480
http://www.debian.org/security/2016/dsa-3648
http://www.wireshark.org/security/wnpa-sec-2016-46.html
Vendor Advisory
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12664
Issue Tracking
https://code.wireshark.org/review/gitweb?p=wireshark.git%3Ba=commit%3Bh=47a5fa850b388fcf4ea762073806f01b459820fe