← back
CVE-2012-2394

CVE-2012-2394

EPSS 4.0%
Wireshark 1.4.x before 1.4.13 and 1.6.x before 1.6.8 on the SPARC and Itanium platforms does not properly perform data alignment for a certain structure member, which allows remote attackers to cause a denial of service (application crash) via a (1) ICMP or (2) ICMPv6 Echo Request packet.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/18920unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://anonsvn.wireshark.org/viewvc?view=revision&revision=42393https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7221http://secunia.com/advisories/49226http://www.mandriva.com/security/advisories?name=MDVSA-2012:015http://www.mandriva.com/security/advisories?name=MDVSA-2012:042http://www.mandriva.com/security/advisories?name=MDVSA-2012:080http://www.securityfocus.com/bid/53653http://www.securitytracker.com/id?1027094http://www.wireshark.org/security/wnpa-sec-2012-10.html