Vulnerabilities

CVE-2013-4081

by Fred · 09/06/2013

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.

Date published : 2013-06-09

http://www.securityfocus.com/bid/60505

http://anonsvn.wireshark.org/viewvc/trunk/epan/dissectors/packet-http.c?r1=49623&r2=49622&pathrev=49623

Similar

Tags: Cybersecurity Alert