Vulnerability Details : CVE-2014-6429
The SnifferDecompress function in wiretap/ngsniffer.c in the DOS Sniffer file parser in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not properly handle empty input data, which allows remote attackers to cause a denial of service (application crash) via a crafted file.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-6429
Probability of exploitation activity in the next 30 days: 0.31%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 66 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-6429
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST |
CWE ids for CVE-2014-6429
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-6429
-
http://linux.oracle.com/errata/ELSA-2014-1676
404 Not Found
-
http://rhn.redhat.com/errata/RHSA-2014-1676.html
RHSA-2014:1676 - Security Advisory - Red Hat Customer Portal
-
http://www.wireshark.org/security/wnpa-sec-2014-19.html
Wireshark · wnpa-sec-2014-19 · Sniffer file parser crash
-
http://lists.opensuse.org/opensuse-security-announce/2014-09/msg00033.html
[security-announce] SUSE-SU-2014:1221-1: important: Security update for
-
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=10461
10461 – invalid memory accesses in the SnifferDecompress function
-
http://lists.opensuse.org/opensuse-updates/2014-09/msg00058.html
openSUSE-SU-2014:1249-1: moderate: wireshark: update to 1.10.10 security
-
http://linux.oracle.com/errata/ELSA-2014-1677
404 Not Found
-
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=47c592938ba9f0caeacc4c2ccadb370e72f293a2
code.wireshark Code Review - wireshark.git/commitPatch
-
http://rhn.redhat.com/errata/RHSA-2014-1677.html
RHSA-2014:1677 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2014/dsa-3049
Debian -- Security Information -- DSA-3049-1 wireshark
Products affected by CVE-2014-6429
- cpe:2.3:a:wireshark:wireshark:1.10.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.5:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.6:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.7:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.8:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.12.0:*:*:*:*:*:*:*
- cpe:2.3:a:wireshark:wireshark:1.10.9:*:*:*:*:*:*:*