Skip to main content

Numeric Errors

CVE-2013-1582

Severity Low
Score 2.9/10

Summary

The dissect_clnp function in epan/dissectors/packet-clnp.c in the CLNP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly manage an offset variable, which allows remote attackers to cause a denial of service (infinite loop or application crash) via a malformed packet.

  • MEDIUM
  • ADJACENT_NETWORK
  • NONE
  • NONE
  • NONE
  • PARTIAL

CWE-189 - Numeric Errors

Weaknesses in this category are related to improper calculation or conversion of numbers.

References

Advisory Timeline

  • Published