CVE-2012-4286 — Wireshark vulnerability

CWE-1898 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

2.2%

top 15.61%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark SUN Sunos

Timeline

PublishedAug 16

Latest updateMay 17

Description

The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file parser in Wireshark 1.8.x before 1.8.2 allows user-assisted remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted pcap-ng file.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages3 packages

▶Debianwireshark/wireshark< 1.8.2-1+3

▶NVDwireshark/wireshark1.8.0, 1.8.1+1

▶NVDsun/sunos5.11

Patches

Patch: anonsvn.wireshark.org ↗Patch: anonsvn.wireshark.org ↗Patch: anonsvn.wireshark.org ↗

🔴Vulnerability Details

GHSA

GHSA-545q-cmj3-26f6: The pcapng_read_packet_block function in wiretap/pcapng↗2022-05-17

▶

OSV

CVE-2012-4286: The pcapng_read_packet_block function in wiretap/pcapng↗2012-08-16

▶

CVEList

CVE-2012-4286: The pcapng_read_packet_block function in wiretap/pcapng↗2012-08-16

▶

📋Vendor Advisories

Red Hat

wireshark: crash due to zero division in pcnap-ng file parser (wnpa-sec-2012-24)↗2012-08-15

▶

Debian

CVE-2012-4286: wireshark - The pcapng_read_packet_block function in wiretap/pcapng.c in the pcap-ng file pa...↗2012

▶

💬Community

Bugzilla

CVE-2012-4294 CVE-2012-4295 CVE-2012-4286 CVE-2012-4298 CVE-2012-4287 wireshark various flaws [fedora-rawhide]↗2012-08-15

▶

Bugzilla

CVE-2012-4286 wireshark: crash due to zero division in pcnap-ng file parser (wnpa-sec-2012-24)↗2012-08-15

▶