CVE-2013-4927

Loading...

General

Score:7.8/10.0
Severity:High
Category:Numeric Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2011-1143, CVE-2011-1590, CVE-2011-1957, CVE-2011-1958, CVE-2011-1959, CVE-2011-2174, CVE-2011-2175, CVE-2011-2597, CVE-2011-2698, CVE-2011-4102, CVE-2012-0041, CVE-2012-0042, CVE-2012-0066, CVE-2012-0067, CVE-2012-1595, CVE-2012-2392, CVE-2012-3825, CVE-2012-4285, CVE-2012-4288, CVE-2012-4289, CVE-2012-4290, CVE-2012-4291, CVE-2012-4292, CVE-2012-5595, CVE-2012-5597, CVE-2012-5598, CVE-2012-5599, CVE-2012-5600, CVE-2012-6052, CVE-2012-6053, CVE-2012-6054, CVE-2012-6055, CVE-2012-6056, CVE-2012-6057, CVE-2012-6058, CVE-2012-6059, CVE-2012-6060, CVE-2012-6061, CVE-2012-6062, CVE-2013-1572, CVE-2013-1573, CVE-2013-1574, CVE-2013-1575, CVE-2013-1576, CVE-2013-1577, CVE-2013-1578, CVE-2013-1579, CVE-2013-1580, CVE-2013-1581, CVE-2013-2476, CVE-2013-2479, CVE-2013-2482, CVE-2013-2485, CVE-2013-2486, CVE-2013-2487, CVE-2013-3557, CVE-2013-3559, CVE-2013-3561, CVE-2013-4079, CVE-2013-4080, CVE-2013-4081, CVE-2013-4083, CVE-2013-4929, CVE-2013-4930, CVE-2013-4931, CVE-2013-4932, CVE-2013-4933, CVE-2013-4934, CVE-2013-4935, CVE-2013-4936, CVE-2013-5719, CVE-2013-5721, CVE-2013-6339, CVE-2013-7112, CVE-2014-2281, CVE-2014-2299, CVE-2015-6243, CVE-2015-6246, CVE-2015-6248, CVE-2016-4006, CVE-2016-4079, CVE-2016-4080, CVE-2016-4081, CVE-2016-4082, CVE-2016-4085

Published on 30/07/13 - Updated on 19/09/17

Description

Integer signedness error in the get_type_length function in epan/dissectors/packet-btsdp.c in the Bluetooth SDP dissector in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (loop and CPU consumption) via a crafted packet.

Category: Numeric Error

CWE-189 (Numeric Errors)
Weaknesses in this category are related to improper calculation or conversion of numbers.

Security Notices

US National Vulnerability DatabaseCVE-2013-4927
Amazon Linux ALAS-2013-251
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2013-AVI-444, CERTA-2013-AVI-543, CERTFR-2014-AVI-502
CentOS CESA-2013:1569, CESA-2014:0341
Debian LTSDLA-497-1
Oracle Linux ELSA-2013-1569, ELSA-2014-0341
Redhat RHSA-2013:1569, RHSA-2014:0341
SUSE SUSE-SU-2013:1450

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
wiresharkwireshark

Share this vulnerability with:

Twitter Facebook LinkedIn Mail