4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.0%
Multiple different vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely via a specially designed packet or file.
Technical details
WBXML dissector epan/dissectors/packet-wbxml.c mishandles offsets;
Ethernet dissector epan/dissectors/packet-pktap.c mishandles the packet-header data type;
NetScreen file parser wiretap/netscreen.c mishandles sscanf unsigned-integer processing;
CoSine file parser wiretap/cosine.c mishandles sscanf unsigned-integer;
Toshiba file parser wiretap/toshiba.c mishandles sscanf unsigned-integer processing;
USB subsystem mishandles class types;
UMTS FP dissector epan/dissectors/packet-umts_fp.c mishandles the reserved C/T value;
IEEE 802.11 dissector epan/crypt/airpdcap.c mishandles certain length values and lack of an EAPOL_RSN_KEY;
SPOOLS component epan/dissectors/packet-dcerpc-spoolss.c mishandles unexpected offsets;
WBXML dissector epan/dissectors/packet-wbxml.c does not restrict the recursion depth;
MMSE, WAP, WBXML, and WSP dissectors epan/dissectors/packet-wap.c omits an overflow check in the tvb_get_guintvar function;
RLC dissector epan/dissectors/packet-rlc.c contains Off-by-one error;
LDSS dissector epan/dissectors/packet-ldss.c mishandles conversations;
RLC dissector epan/dissectors/packet-rlc.c contains Off-by-one error;
LDSS dissector epan/dissectors/packet-ldss.c mishandles conversations;
RLC dissector epan/dissectors/packet-rlc.c uses an incorrect integer data type;
NDS dissector epan/dissectors/packet-ncp2222.inc does not properly maintain a ptvc data structure;
CORBA IDL dissectors in Wireshark 2.x before 2.0.5 on 64-bit Windows platforms do not properly interact with Visual C++ compiler options;
These vulnerabilities also related to PacketBB, WSP, MMSE dissectors and epan/proto.c;
Public exploits exist for this vulnerability.
CVE-2016-5359 warning
CVE-2016-5358 warning
CVE-2016-5357 warning
CVE-2016-5356 warning
CVE-2016-5355 warning
CVE-2016-5354 warning
CVE-2016-5353 warning
CVE-2016-5352 warning
CVE-2016-5351 warning
CVE-2016-5350 warning
CVE-2016-6513 warning
CVE-2016-6512 warning
CVE-2016-6511 warning
CVE-2016-6510 warning
CVE-2016-6509 warning
CVE-2016-6508 warning
CVE-2016-6507 warning
CVE-2016-6506 warning
CVE-2016-6505 warning
CVE-2016-6504 warning
CVE-2016-6503 warning
Update to the latest version
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7 High
AI Score
Confidence
High
0.015 Low
EPSS
Percentile
87.0%