Remote Denial of Service in Wireshark DCP ETSI Dissector
CVE-2012-4285

Currently unrated

Key Information:

Vendor
Oracle
Vendor
CVE Published:
16 August 2012

Summary

The DCP ETSI dissector in Wireshark versions 1.4.x prior to 1.4.15, 1.6.x prior to 1.6.10, and 1.8.x prior to 1.8.2 contains a vulnerability in the dissect_pft function, which allows remote attackers to trigger a denial of service condition. Specifically, an attacker can exploit this vulnerability by sending a zero-length message, resulting in a divide-by-zero error that crashes the application. This issue highlights the importance of validating input data in network protocol analysis tools to avert potential disruptions.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.