CVE-2012-1594 — Code Injection in Wireshark

CWE-94 — Code Injection CWE-835 — Infinite Loop7 documents6 sources

Severity

3.3LOWNVD

EPSS

0.3%

top 51.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedApr 11

Latest updateMay 14

Description

epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.

CVSS vector

AV:A/AC:L/C:N/I:N/A:PExploitability: 6.5 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 1.6.6-1 (bookworm)

▶Debianwireshark/wireshark< 1.6.6-1+3

▶NVDwireshark/wireshark6 versions+5

🔴Vulnerability Details

GHSA

GHSA-hgpm-26x5-62f5: epan/dissectors/packet-ieee80211↗2022-05-14

▶

OSV

CVE-2012-1594: epan/dissectors/packet-ieee80211↗2012-04-11

▶

📋Vendor Advisories

Red Hat

wireshark: Infinite loop in the IEEE 802.11 dissector↗2012-02-08

▶

Debian

CVE-2012-1594: wireshark - epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6...↗2012

▶

💬Community

Bugzilla

CVE-2012-1593 CVE-2012-1594 CVE-2012-1595 CVE-2012-1596 wireshark various flaws [fedora-16]↗2012-04-02

▶

Bugzilla

CVE-2012-1594 wireshark: Infinite loop in the IEEE 802.11 dissector↗2012-03-28

▶