CVE-2012-4295 : Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector

Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.

Published 2012-08-16 10:38:09

Updated 2017-09-19 01:35:22

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validationDenial of service

Exploit prediction scoring system (EPSS) score for CVE-2012-4295

Probability of exploitation activity in the next 30 days: 0.47%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 75 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-4295

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
3.3	LOW	AV:A/AC:L/Au:N/C:N/I:N/A:P	6.5	2.9	NIST
Access Vector: Adjacent Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

CWE ids for CVE-2012-4295

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2012-4295

http://www.securityfocus.com/bid/55035

Wireshark Versions Prior to 1.8.2 Multiple Security Vulnerabilities

CVEs referencing this url
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml

Wireshark: Multiple vulnerabilities (GLSA 201308-05) — Gentoo security

CVEs referencing this url
http://www.wireshark.org/security/wnpa-sec-2012-16.html

Wireshark · wnpa-sec-2012-16 · Wireshark ERF dissector flaws
Vendor Advisory

CVEs referencing this url
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3

Multiple vulnerabilities in Wireshark | Oracle Third Party Vulnerability Resolution Blog

CVEs referencing this url
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563

7563 – Capture file that crashes wireshark

CVEs referencing this url
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419

code.wireshark Code Review - wireshark.git/tree
Exploit;Patch
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419

code.wireshark Code Review - wireshark.git/tree
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718

Repository / Oval Repository
https://hermes.opensuse.org/messages/15514562

openSUSE.org - 503

CVEs referencing this url

Products affected by CVE-2012-4295

SUN » Sunos » Version: 5.11
cpe:2.3:o:sun:sunos:5.11:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.8.0
cpe:2.3:a:wireshark:wireshark:1.8.0:*:*:*:*:*:*:*
Matching versions
Wireshark » Wireshark » Version: 1.8.1
cpe:2.3:a:wireshark:wireshark:1.8.1:*:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2012-4295

Exploit prediction scoring system (EPSS) score for CVE-2012-4295

CVSS scores for CVE-2012-4295

CWE ids for CVE-2012-4295

References for CVE-2012-4295

Products affected by CVE-2012-4295