CVE-2014-2282CVE-2014-2282

Affected configuration(s):

cpe:/a:wireshark:wireshark:1.10.0
cpe:/a:wireshark:wireshark:1.10.1
cpe:/a:wireshark:wireshark:1.10.2
cpe:/a:wireshark:wireshark:1.10.3
cpe:/a:wireshark:wireshark:1.10.4
cpe:/a:wireshark:wireshark:1.10.5

Date published: 2014-03-11T09:01:10.093-04:00

Date last modified: 2016-04-04T09:14:52.620-04:00

CVSS Score: 4.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-m3ua.c?r1=51608&r2=51607&pathrev=51608

Summary: The dissect_protocol_data_parameter function in epan/dissectors/packet-m3ua.c in the M3UA dissector in Wireshark 1.10.x before 1.10.6 does not properly allocate memory, which allows remote attackers to cause a denial of service (application crash) via a crafted SS7 MTP3 packet.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.