CVE-2012-2392

Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service via Dissector Infinite Loop

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2392.

AI-analyzed exploit summary The exploit provides multiple PCAP files designed to trigger denial-of-service vulnerabilities in Wireshark versions 1.6.0-1.6.7 and 1.4.0-1.4.12. These files contain malformed packets that crash the application when parsed.

Description

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.

Exploits (1)

exploitdb WORKING POC

dosmultiple

https://www.exploit-db.com/exploits/18919

View Code ZIP pw:eip

The exploit provides multiple PCAP files designed to trigger denial-of-service vulnerabilities in Wireshark versions 1.6.0-1.6.7 and 1.4.0-1.4.12. These files contain malformed packets that crash the application when parsed.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark 1.6.0-1.6.7, 1.4.0-1.4.12

No auth needed

Prerequisites: Access to send or load crafted PCAP files into Wireshark

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (12)

Core 12

Core References

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:015

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1027094

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:042

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/49226

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:080

Vendor Advisory x_refsource_confirm

http://www.wireshark.org/security/wnpa-sec-2012-08.html

Scores

EPSS 0.0347

EPSS Percentile 87.5%

Details

CWE

CWE-399

Status published

Products (22)

wireshark/wireshark 1.4.0

wireshark/wireshark 1.4.1

wireshark/wireshark 1.4.2

wireshark/wireshark 1.4.3

wireshark/wireshark 1.4.4

wireshark/wireshark 1.4.5

wireshark/wireshark 1.4.6

wireshark/wireshark 1.4.7

wireshark/wireshark 1.4.8

wireshark/wireshark 1.4.9

... and 12 more

Published Jun 30, 2012

Tracked Since Feb 18, 2026