Remote Denial of Service in Wireshark DCP ETSI Dissector
CVE-2012-4285
Currently unrated
Summary
The DCP ETSI dissector in Wireshark versions 1.4.x prior to 1.4.15, 1.6.x prior to 1.6.10, and 1.8.x prior to 1.8.2 contains a vulnerability in the dissect_pft function, which allows remote attackers to trigger a denial of service condition. Specifically, an attacker can exploit this vulnerability by sending a zero-length message, resulting in a divide-by-zero error that crashes the application. This issue highlights the importance of validating input data in network protocol analysis tools to avert potential disruptions.
References
Timeline
Vulnerability published
Vulnerability Reserved