CVE-2013-3562

2013-05-25 05:18:16 2018-10-30 17:27:34

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Opensuse Opensuse 11.4 (not an official CPE) Debian Linux 7.0 Opensuse Opensuse 12.2 (not an official CPE) Opensuse Opensuse 12.3 (not an official CPE)

Wireshark 1.8.6 Wireshark 1.8.5 Wireshark 1.8.4 Wireshark 1.8.3 Wireshark 1.8.2 Wireshark 1.8.1 Wireshark 1.8.0

Opensuse - Opensuse Debian - Debian linux Wireshark - Wireshark

Advisory	Patch	Confirmed	Link
			http://www.wireshark.org/security/wnpa-sec-2013-29.html
			GLSA-201308-05
			DSA-2700
			openSUSE-SU-2013:1086
			http://anonsvn.wireshark.org/viewvc?view=revision&revisi...
			openSUSE-SU-2013:1084
			https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8499
			http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/disse...

CVE-2013-3562

2013-05-25 05:18:16 2018-10-30 17:27:34

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)