CVE-2013-2475Wireshark vulnerability

7 documents6 sources
Severity
3.3LOWNVD
EPSS
0.4%
top 41.56%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
WiresharkDebian WiresharkOpensuse
Timeline
PublishedMar 7
Latest updateMay 14

Description

The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet.

CVSS vector

AV:A/AC:L/C:N/I:N/A:PExploitability: 6.5 | Impact: 2.9

Affected Packages4 packages

debiandebian/wireshark< wireshark 1.8.2-5 (bookworm)
Debianwireshark/wireshark< 1.8.2-5+3
NVDwireshark/wireshark6 versions+5
NVDopensuse/opensuse4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-f45f-c9q4-rqr3: The TCP dissector in Wireshark 12022-05-14
OSV
CVE-2013-2475: The TCP dissector in Wireshark 12013-03-07

📋Vendor Advisories

2
Red Hat
wireshark: TCP dissector crash (wnpa-sec-2013-10, upstream bug 8274)2013-03-06
Debian
CVE-2013-2475: wireshark - The TCP dissector in Wireshark 1.8.x before 1.8.6 allows remote attackers to cau...2013

💬Community

2
Bugzilla
wireshark various flaws (fixed in upstream 1.8.6 version) [fedora-18]2013-03-08
Bugzilla
CVE-2013-2475 wireshark: TCP dissector crash (wnpa-sec-2013-10, upstream bug 8274)2013-03-07