Lucene search

[email protected]NVD:CVE-2012-4293

HistoryAug 16, 2012 - 10:38 a.m.

CVE-2012-4293

2012-08-1610:38:08

CWE-189

[email protected]

web.nvd.nist.gov

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

52.3%

JSON

plugins/ethercat/packet-ecatmb.c in the EtherCAT Mailbox dissector in Wireshark 1.4.x before 1.4.15, 1.6.x before 1.6.10, and 1.8.x before 1.8.2 does not properly handle certain integer fields, which allows remote attackers to cause a denial of service (application exit) via a malformed packet.

Affected configurations

Nvd

Node

opensuseopensuseMatch11.4

opensuseopensuseMatch12.1

sunsunosMatch5.11

Node

wiresharkwiresharkMatch1.6.0

wiresharkwiresharkMatch1.6.1

wiresharkwiresharkMatch1.6.2

wiresharkwiresharkMatch1.6.3

wiresharkwiresharkMatch1.6.4

wiresharkwiresharkMatch1.6.5

wiresharkwiresharkMatch1.6.6

wiresharkwiresharkMatch1.6.7

wiresharkwiresharkMatch1.6.8

wiresharkwiresharkMatch1.6.9

Node

wiresharkwiresharkMatch1.8.0

wiresharkwiresharkMatch1.8.1

Node

wiresharkwiresharkMatch1.4.0

wiresharkwiresharkMatch1.4.1

wiresharkwiresharkMatch1.4.2

wiresharkwiresharkMatch1.4.3

wiresharkwiresharkMatch1.4.4

wiresharkwiresharkMatch1.4.5

wiresharkwiresharkMatch1.4.6

wiresharkwiresharkMatch1.4.7

wiresharkwiresharkMatch1.4.8

wiresharkwiresharkMatch1.4.9

wiresharkwiresharkMatch1.4.10

wiresharkwiresharkMatch1.4.11

wiresharkwiresharkMatch1.4.12

wiresharkwiresharkMatch1.4.13

wiresharkwiresharkMatch1.4.14

References

anonsvn.wireshark.org/viewvc/trunk/plugins/ethercat/packet-ecatmb.c?r1=43149&r2=43148&pathrev=43149

anonsvn.wireshark.org/viewvc?view=revision&revision=43149

lists.opensuse.org/opensuse-updates/2012-08/msg00033.html

secunia.com/advisories/50276

secunia.com/advisories/51363

secunia.com/advisories/54425

www.gentoo.org/security/en/glsa/glsa-201308-05.xml

www.securityfocus.com/bid/55035

www.wireshark.org/security/wnpa-sec-2012-22.html

blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3

bugs.wireshark.org/bugzilla/show_bug.cgi?id=7562

hermes.opensuse.org/messages/15514562

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15527

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:A/AC:L/Au:N/C:N/I:N/A:P

AI Score

6.2

Confidence

Low

EPSS

0.002

Percentile

52.3%

JSON

Related for NVD:CVE-2012-4293

debiancve1 cvelist1 cve1 ubuntucve1 prion1 nessus15 openvas14 fedora2 securityvulns2 freebsd1 gentoo1