CVE-2012-3548

EUVD-2012-3495
The dissect_drda function in epan/dissectors/packet-drda.c in Wireshark 1.6.x through 1.6.10 and 1.8.x through 1.8.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a small value for a certain length field in a capture file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 65%
Affected Products (NVD)
VendorProductVersion
wiresharkwireshark
1.8.0
wiresharkwireshark
1.8.1
wiresharkwireshark
1.8.2
wiresharkwireshark
1.6.0
wiresharkwireshark
1.6.1
wiresharkwireshark
1.6.2
wiresharkwireshark
1.6.3
wiresharkwireshark
1.6.4
wiresharkwireshark
1.6.5
wiresharkwireshark
1.6.6
wiresharkwireshark
1.6.7
wiresharkwireshark
1.6.8
wiresharkwireshark
1.6.9
wiresharkwireshark
1.6.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
wireshark
bookworm
4.0.11-1~deb12u1
fixed
bookworm (security)
4.0.11-1~deb12u1
fixed
bullseye
3.4.10-0+deb11u1
fixed
bullseye (security)
3.4.16-0+deb11u1
fixed
sid
4.4.1-1
fixed
squeeze
not-affected
trixie
4.4.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
wireshark
hardy
not-affected
lucid
not-affected
natty
not-affected
oneiric
ignored
precise
ignored
quantal
ignored
raring
ignored
saucy
ignored
trusty
not-affected
utopic
not-affected
vivid
not-affected
wily
not-affected
xenial
not-affected
yakkety
not-affected
zesty
not-affected
Common Weakness Enumeration
References
http://openwall.com/lists/oss-security/2012/08/29/4
http://secunia.com/advisories/54425
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://www.securitytracker.com/id?1027464
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666
https://bugzilla.redhat.com/show_bug.cgi?id=849926
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15646
http://openwall.com/lists/oss-security/2012/08/29/4
http://secunia.com/advisories/54425
http://www.gentoo.org/security/en/glsa/glsa-201308-05.xml
http://www.securitytracker.com/id?1027464
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7666
https://bugzilla.redhat.com/show_bug.cgi?id=849926
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15646