Array index error in the channelised_fill_sdh_g707_format function in epan/dissectors/packet-erf.c in the ERF dissector in Wireshark 1.8.x before 1.8.2 might allow remote attackers to cause a denial of service (application crash) via a crafted speed (aka rate) value.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Link | Tags |
---|---|
http://www.securityfocus.com/bid/55035 | vdb entry |
http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-erf.c?r1=44419&r2=44418&pathrev=44419 | patch exploit |
http://secunia.com/advisories/54425 | third party advisory |
http://anonsvn.wireshark.org/viewvc?view=revision&revision=44419 | |
https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_wireshark3 | |
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml | vendor advisory |
http://secunia.com/advisories/51363 | third party advisory |
http://www.wireshark.org/security/wnpa-sec-2012-16.html | vendor advisory |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15718 | vdb entry signature |
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7563 | |
http://secunia.com/advisories/50276 | third party advisory |
https://hermes.opensuse.org/messages/15514562 | vendor advisory |