CVE-2012-3826
published 2012-06-30
CVE-2012-3826: Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors…
Priority P4 · 17 · low · 3.3 (CVSS 2.0)
AV:A/AC:L/Au:N/C:N/I:N/A:P
EXPLOIT
EPSS: 3.44% (87.5th percentile)
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | wireshark | < wireshark 1.6.8-1 (bookworm) | wireshark 1.6.8-1 (bookworm) |
| wireshark | wireshark | — | — |
| wireshark | wireshark | >= 0 < 1.6.8-1 | 1.6.8-1 |
CVSS provenance
nvd · v2.0 · 3.3 LOW · AV:A/AC:L/Au:N/C:N/I:N/A:P
osv · 3.3 LOW
vendor_debian · 3.3 LOW
vendor_redhat · 3.3 LOW
Red Hat
wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)
vendor_redhat·2012-04-16·CVSS 3.3
CVE-2012-3826 [LOW] CWE-190 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
Statement: Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
Package: wireshark (Red Hat Enterprise Linux 5) - Not affected
Package: wireshark (Red Hat Enterprise Linux 6) - Not affected
Debian
CVE-2012-3826: wireshark - Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1....
vendor_debian·2012·CVSS 3.3
CVE-2012-3826 [LOW] CVE-2012-3826: wireshark - Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1....
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
Scope: local
bookworm: resolved (fixed in 1.6.8-1)
bullseye: resolved (fixed in 1.6.8-1)
forky: resolved (fixed in 1.6.8-1)
sid: resolved (fixed in 1.6.8-1)
trixie: resolved (fixed in 1.6.8-1)
GHSA
GHSA-7cq7-rr3p-m677: Multiple integer underflows in Wireshark 1
ghsa_unreviewed·2022-05-17·CVSS 3.3
CVE-2012-3826 [LOW] GHSA-7cq7-rr3p-m677: Multiple integer underflows in Wireshark 1
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
OSV
CVE-2012-3826: Multiple integer underflows in Wireshark 1
osv·2012-06-30·CVSS 3.3
CVE-2012-3826 [LOW] CVE-2012-3826: Multiple integer underflows in Wireshark 1
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
No detection rules found.
Bugzilla
CVE-2012-3826 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)
bugzilla·2012-07-02·CVSS 3.3
CVE-2012-3826 [LOW] CVE-2012-3826 wireshark: Integer overflows in the R3 dissector, leading to DoS (wnpa-sec-2012-08)
Common Vulnerabilities and Exposures assigned an identifier CVE-2012-3826 to the following vulnerability:
Multiple integer underflows in Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 allow remote attackers to cause a denial of service (loop) via vectors related to the R3 dissector, a different vulnerability than CVE-2012-2392.
References:
[1] http://www.wireshark.org/security/wnpa-sec-2012-08.html
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
Discussion:
Statement:
Not Vulnerable. This issue does not affect the version of wireshark as shipped with Red Hat Enterprise Linux 5 and 6.
Bugzilla
CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)
bugzilla·2012-05-23·CVSS 3.3
CVE-2012-2392 [LOW] CVE-2012-2392 wireshark: Infinite and large loops in ANSI MAP, ASF, IEEE 802.11, IEEE 802.3, and LTP dissectors (wnpa-sec-2012-08)
Infinite loop denial of service flaws were reported against various Wireshark dissectors:
[1] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6805 (802.11)
[2] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7118 (802.3)
[3] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7119 (ANSIMAP)
[4] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7120 (ASF)
[5] https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7124 (LTP)
A remote attacker could provide a specially-crafted packet capture file, which once opened in Wireshark could lead to denial of service.
Upstream advisory:
[6] http://www.wireshark.org/security/wnpa-sec-2012-08.html
Discussion:
Cr
Bugzilla
CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]
bugzilla·2012-05-23·CVSS 3.3
CVE-2012-2392 [LOW] CVE-2012-2392 CVE-2012-2393 CVE-2012-2394 CVE-2012-3825 CVE-2012-3826 wireshark various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.
http://secunia.com/advisories/49226
http://www.securitytracker.com/id?1027094
http://www.wireshark.org/security/wnpa-sec-2012-08.html
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7125
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15536
Published: 2012-06-30