CVE-2016-4076

Loading...

General

Score:4.3/10.0
Severity:Low
Category:Access Control Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Published on 25/04/16 - Updated on 03/12/16

Description

epan/dissectors/packet-ncp2222.inc in the NCP dissector in Wireshark 2.0.x before 2.0.3 does not properly initialize memory for search patterns, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.

Category: Access Control Error

CWE-284 (Improper Access Control)
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

Security Notices

US National Vulnerability DatabaseCVE-2016-4076

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
wiresharkwireshark

Share this vulnerability with:

Twitter Facebook LinkedIn Mail