CVE-2012-2393

Wireshark 1.4.x < 1.4.13 and 1.6.x < 1.6.8 - Denial of Service in DIAMETER Dissector

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2393. PoCs published by Wireshark.

AI-analyzed exploit summary The exploit is a PoC for a denial-of-service vulnerability in Wireshark due to improper memory allocation. It provides a link to a malicious PCAP file that can crash the application.

Description

epan/dissectors/packet-diameter.c in the DIAMETER dissector in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 does not properly construct certain array data structures, which allows remote attackers to cause a denial of service (application crash) via a crafted packet that triggers incorrect memory allocation.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Wireshark · textdosmultiple

https://www.exploit-db.com/exploits/18918

View Code ZIP pw:eip

The exploit is a PoC for a denial-of-service vulnerability in Wireshark due to improper memory allocation. It provides a link to a malicious PCAP file that can crash the application.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Wireshark 1.4.0 to 1.4.12 and 1.6.0 to 1.6.7

No auth needed

Prerequisites: A vulnerable version of Wireshark · Ability to deliver the malicious PCAP file to the target

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (11)

Core 11

Core References

Issue Tracking x_refsource_confirm

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7138

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:015

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://www.securitytracker.com/id?1027094

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:042

Various Sources x_refsource_confirm

http://anonsvn.wireshark.org/viewvc?view=revision&revision=42200

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/53652

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15558

Third Party Advisory third-party-advisory x_refsource_secunia

http://secunia.com/advisories/49226

Vendor Advisory x_refsource_confirm

http://www.wireshark.org/security/wnpa-sec-2012-09.html

Vendor Advisory vendor-advisory x_refsource_mandriva

http://www.mandriva.com/security/advisories?name=MDVSA-2012:080

Patch x_refsource_confirm

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-diameter.c?r1=42200&r2=42199&pathrev=42200

Scores

EPSS 0.0377

EPSS Percentile 88.6%

Details

CWE

CWE-119

Status published

Products (22)

wireshark/wireshark 1.4.0

wireshark/wireshark 1.4.1

wireshark/wireshark 1.4.2

wireshark/wireshark 1.4.3

wireshark/wireshark 1.4.4

wireshark/wireshark 1.4.5

wireshark/wireshark 1.4.6

wireshark/wireshark 1.4.7

wireshark/wireshark 1.4.8

wireshark/wireshark 1.4.9

... and 12 more

Published Jun 30, 2012

Tracked Since Feb 18, 2026