CVE-2012-3825
published 2012-06-30CVE-2012-3825: Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via…
PriorityP416low3.3CVSS 2.0
AVAACLAuNCNINAP
EXPLOIT
EPSS
3.35%
87.2th percentile
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.6.8-1 (bookworm) | wireshark 1.6.8-1 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.6.8-1 | 1.6.8-1 |
| wireshark | wireshark | >= 0 < 1.6.8-1 | 1.6.8-1 |
CVSS provenance
nvdv2.03.3LOWAV:A/AC:L/Au:N/C:N/I:N/A:P
osv3.3LOW
vendor_debian3.3LOW
vendor_redhat3.3LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
vendor_redhat·2012-04-16·CVSS 3.3
CVE-2012-3825 [LOW] CWE-190 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
Package: wireshark (Red Hat Enterprise Linux 5) - Will not fix
Debian
CVE-2012-3825: wireshark - Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6...
vendor_debian·2012·CVSS 3.3
CVE-2012-3825 [LOW] CVE-2012-3825: wireshark - Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6...
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
Scope: local
bookworm: resolved (fixed in 1.6.8-1)
bullseye: resolved (fixed in 1.6.8-1)
forky: resolved (fixed in 1.6.8-1)
sid: resolved (fixed in 1.6.8-1)
trixie: resolved (fixed in 1.6.8-1)
GHSA
GHSA-w9xg-mh3r-5q8v: Multiple integer overflows in Wireshark 1
ghsa_unreviewed·2022-05-17·CVSS 3.3
CVE-2012-3825 [LOW] GHSA-w9xg-mh3r-5q8v: Multiple integer overflows in Wireshark 1
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
OSV
CVE-2012-3825: Multiple integer overflows in Wireshark 1
osv·2012-06-30·CVSS 3.3
CVE-2012-3825 [LOW] CVE-2012-3825: Multiple integer overflows in Wireshark 1
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
No detection rules found.
Bugzilla
CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
bugzilla·2012-07-02·CVSS 3.3
CVE-2012-3825 [LOW] CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
CVE-2012-3825 wireshark: Integer overflows in BACapp and Bluetooth HCI dissectors, leading to DoS (wnpa-sec-2012-08)
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-3825 to the following vulnerability:
Multiple integer overflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (infinite loop) via vectors related to the (1) BACapp and (2) Bluetooth HCI dissectors, a different vulnerability than CVE-2012-2392.
References:
[1] http://www.wireshark.org/security/wnpa-sec-2012-08.html
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121
[3] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122
Discussion:
There are essentially two issues in this CVE, one dealing with BACapp and the other with Bluetoot
Bugzilla
CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)
bugzilla·2012-05-23·CVSS 3.3
CVE-2012-2392 [LOW] CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)
CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)
Infinite loop denial of service flaws were reported against various Wireshark dissectors:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 (802.11)
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118 (802.3)
[3] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 (ANSIMAP)
[4] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 (ASF)
[5] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 (LTP)
A remote attacker could provide a specially-crafted packet capture file, which once opened in Wireshark could lead to denial of service.
Upstream advisory:
[6] http://www.wireshark.org/security/wnpa-sec-2012-08.html
Discussion:
Cr
Bugzilla
CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]
bugzilla·2012-05-23·CVSS 3.3
CVE-2012-2392 [LOW] CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]
CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.
http://secunia.com/advisories/49226http://www.securitytracker.com/id?1027094http://www.wireshark.org/security/wnpa-sec-2012-08.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15478http://secunia.com/advisories/49226http://www.securitytracker.com/id?1027094http://www.wireshark.org/security/wnpa-sec-2012-08.htmlhttps://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7121https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7122https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15478
2012-06-30
Published