Vulnerabilities

CVE-2013-2488

by Fred · 07/03/2013

The DTLS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not validate the fragment offset before invoking the reassembly state machine, which allows remote attackers to cause a denial of service (application crash) via a large offset value that triggers write access to an invalid memory location.

Date published : 2013-03-07

http://anonsvn.wireshark.org/viewvc?view=revision&revision=48011

http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html

Similar

Tags: Cybersecurity Alert