CVE-2013-5720 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Wireshark

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.4%

top 40.47%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wireshark Debian Wireshark

Timeline

PublishedSep 16

Latest updateMay 14

Description

Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10.x before 1.10.2 allows remote attackers to cause a denial of service (application crash) via a crafted packet.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶debiandebian/wireshark< wireshark 1.10.2-1 (bookworm)

▶Debianwireshark/wireshark< 1.10.2-1+3

▶NVDwireshark/wireshark12 versions+11

🔴Vulnerability Details

GHSA

GHSA-cffp-7472-6r96: Buffer overflow in the RTPS dissector in Wireshark 1↗2022-05-14

▶

OSV

CVE-2013-5720: Buffer overflow in the RTPS dissector in Wireshark 1↗2013-09-16

▶

📋Vendor Advisories

Red Hat

wireshark: RTPS dissector crash (wnpa-sec-2013-57)↗2013-09-10

▶

Debian

CVE-2013-5720: wireshark - Buffer overflow in the RTPS dissector in Wireshark 1.8.x before 1.8.10 and 1.10....↗2013

▶

💬Community

Bugzilla

CVE-2013-5720 wireshark: RTPS dissector crash (wnpa-sec-2013-57)↗2013-09-12

▶

Bugzilla

CVE-2013-5720 wireshark: RTPS dissector crash (wnpa-sec-2013-57) [fedora-all]↗2013-09-12

▶