CVE-2012-2392

Wireshark <1.4.13-1.6.8 - DoS

Title source: llm

Description

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.

Exploits (1)

exploitdb WORKING POC

dosmultiple

https://www.exploit-db.com/exploits/18919

View Code ZIP pw:eip

References (12)

[Issue Tracking] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118

[Issue Tracking] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119

[Issue Tracking] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120

[Issue Tracking] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124

[Third Party Advisory] http://secunia.com/advisories/49226

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2012:015

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2012:042

[Vendor Advisory] http://www.mandriva.com/security/advisories?name=MDVSA-2012:080

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1027094

[Vendor Advisory] http://www.wireshark.org/security/wnpa-sec-2012-08.html

[Issue Tracking] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805

[Third Party Advisory, VDB Entry] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15604

Scores

EPSS 0.0232

EPSS Percentile 84.9%

Details

CWE

CWE-399

Status published

Products (22)

wireshark/wireshark 1.4.0

wireshark/wireshark 1.4.1

wireshark/wireshark 1.4.2

wireshark/wireshark 1.4.3

wireshark/wireshark 1.4.4

wireshark/wireshark 1.4.5

wireshark/wireshark 1.4.6

wireshark/wireshark 1.4.7

wireshark/wireshark 1.4.8

wireshark/wireshark 1.4.9

... and 12 more

Published Jun 30, 2012

Tracked Since Feb 18, 2026