Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2012-2392 — Integer Overflow or Wraparound in Wireshark
Severity
3.3LOWNVD
EPSS
2.3%
top 15.17%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedJun 30
Latest updateMay 17
Description
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) ANSI MAP, (2) ASF, (3) IEEE 802.11, (4) IEEE 802.3, and (5) LTP dissectors.
CVSS vector
AV:A/AC:L/C:N/I:N/A:PExploitability: 6.5 | Impact: 2.9
Affected Packages3 packages
🔴Vulnerability Details
6💥Exploits & PoCs
1📋Vendor Advisories
6Red Hat▶
wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)↗2012-05-21
Red Hat▶
wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)↗2012-04-16
Red Hat
▶
Debian▶
CVE-2012-3826: wireshark - Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1....↗2012
Debian▶
CVE-2012-2392: wireshark - Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allows remote attackers to ...↗2012
💬Community
4Bugzilla▶
CVE-2012-3826 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)↗2012-07-02
Bugzilla▶
CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)↗2012-07-02
Bugzilla▶
CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)↗2012-05-23
Bugzilla▶
CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]↗2012-05-23