CVE-2012-2394

Wireshark <1.4.13 & 1.6.x <1.6.8 - DoS

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-2394. PoCs published by Klaus Heckelmann.

AI-analyzed exploit summary This exploit is a PoC for a denial-of-service vulnerability in Wireshark. It provides a link to a malicious PCAP file that, when opened in vulnerable versions of Wireshark, causes the application to crash.

Description

Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Klaus Heckelmann · textdosmultiple
https://www.exploit-db.com/exploits/18920

This exploit is a PoC for a denial-of-service vulnerability in Wireshark. It provides a link to a malicious PCAP file that, when opened in vulnerable versions of Wireshark, causes the application to crash.

Classification
Working Poc 90%
Attack Type
Dos
Complexity
Trivial
Reliability
Reliable
Target: Wireshark versions 1.6.0 through 1.6.7 and versions 1.4.0 through 1.4.12
No auth needed
Prerequisites: Access to the target system to open the malicious PCAP file
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:015
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1027094
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:042
Vendor Advisory x_refsource_confirm
http://www.wireshark.org/security/wnpa-sec-2012-10.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/49226
Vendor Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2012:080
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/53653

Scores

EPSS 0.0398
EPSS Percentile 89.2%

Details

CWE
CWE-119
Status published
Products (23)
wireshark/wireshark 1.4.0 (2 CPE variants)
wireshark/wireshark 1.4.1 (2 CPE variants)
wireshark/wireshark 1.4.2 (2 CPE variants)
wireshark/wireshark 1.4.3 (2 CPE variants)
wireshark/wireshark 1.4.4 (2 CPE variants)
wireshark/wireshark 1.4.5 (2 CPE variants)
wireshark/wireshark 1.4.6 (2 CPE variants)
wireshark/wireshark 1.4.7 (2 CPE variants)
wireshark/wireshark 1.4.8 (2 CPE variants)
wireshark/wireshark 1.4.9 (2 CPE variants)
... and 13 more
Published Jun 30, 2012
Tracked Since Feb 18, 2026