Integer Signedness Errors in Wireshark Affecting Websocket Dissector
CVE-2013-3562

Currently unrated

Key Information:

Vendor

Opensuse

Vendor
CVE Published:
25 May 2013

What is CVE-2013-3562?

Multiple integer signedness errors have been identified in the tvb_unmasked function within the Websocket dissector of Wireshark. These vulnerabilities allow remote attackers to craft and send malicious packets that can lead to an application crash, resulting in a denial of service. The issue primarily affects versions of Wireshark 1.8.x prior to 1.8.7, necessitating users to update their software to mitigate risks associated with such attacks.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.