CVE-2012-6057

Loading...

General

Score:5.0/10.0
Severity:Medium
Category:Numeric Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2012-6052, CVE-2012-6053, CVE-2012-6054, CVE-2012-6055, CVE-2012-6056, CVE-2012-6058, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-1572, CVE-2013-1573, CVE-2013-1574, CVE-2013-1575, CVE-2013-1576, CVE-2013-1577, CVE-2013-1578, CVE-2013-1579, CVE-2013-1580, CVE-2013-1581, CVE-2013-2476, CVE-2013-2479, CVE-2013-2482, CVE-2013-2485, CVE-2013-2486, CVE-2013-2487, CVE-2013-4079, CVE-2013-4080, CVE-2013-4927, CVE-2013-4929, CVE-2013-4931, CVE-2013-5719, CVE-2013-5721, CVE-2013-6339, CVE-2013-7112, CVE-2015-6243, CVE-2015-6246, CVE-2015-6248, CVE-2016-4006, CVE-2016-4079, CVE-2016-4080, CVE-2016-4081, CVE-2016-4082, CVE-2016-4085

Published on 05/12/12 - Updated on 19/09/17

Description

The dissect_eigrp_metric_comm function in epan/dissectors/packet-eigrp.c in the EIGRP dissector in Wireshark 1.8.x before 1.8.4 uses the wrong data type for a certain offset value, which allows remote attackers to cause a denial of service (integer overflow and infinite loop) via a malformed packet.

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2012-6057
Debian LTSDLA-497-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
wiresharkwireshark

Share this vulnerability with:

Twitter Facebook LinkedIn Mail