Vulnerability Name:

CVE-2012-1593 (CCN-74361)

Assigned:2012-03-27
Published:2012-03-27
Updated:2017-12-29
Summary:epan/dissectors/packet-ansi_a.c in the ANSI A dissector in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a malformed packet.
Per: http://cwe.mitre.org/data/definitions/476.html

'CWE-476: NULL Pointer Dereference'
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:3.3 Low (CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P)
2.6 Low (Temporal CVSS v2 Vector: AV:A/AC:L/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P)
3.4 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P/E:POC/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:Denial of Service
References:Source: CONFIRM
Type: UNKNOWN
http://anonsvn.wireshark.org/viewvc?view=revision&revision=40962

Source: MITRE
Type: CNA
CVE-2012-1593

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-5256

Source: FEDORA
Type: UNKNOWN
FEDORA-2012-5243

Source: SUSE
Type: UNKNOWN
openSUSE-SU-2012:0558

Source: CCN
Type: SA48548
Wireshark Multiple Denial of Service Vulnerabilities

Source: SECUNIA
Type: UNKNOWN
48548

Source: SECUNIA
Type: UNKNOWN
48986

Source: EXPLOIT-DB
Type: UNKNOWN
18758

Source: MLIST
Type: UNKNOWN
[oss-security] 20120328 Re: CVE Request: Multiple wireshark security flaws resolved in 1.4.12 and 1.6.6

Source: CCN
Type: OSVDB ID: 80711
Wireshark ANSI A Dissector Malformed Packet Handling NULL Pointer Dereference Remote DoS

Source: CCN
Type: BID-52735
Wireshark 'call_dissector()' NULL Pointer Dereference Denial Of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1026874

Source: CCN
Type: wnpa-sec-2012-04
Wireshark ANSI A dissector crash

Source: CONFIRM
Type: Vendor Advisory
http://www.wireshark.org/security/wnpa-sec-2012-04.html

Source: CONFIRM
Type: UNKNOWN
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6823

Source: XF
Type: UNKNOWN
wireshark-ansia-dos(74361)

Source: XF
Type: UNKNOWN
wireshark-ansia-dos(74361)

Source: OVAL
Type: UNKNOWN
oval:org.mitre.oval:def:14991

Source: EXPLOIT-DB
Type: EXPLOIT
Offensive Security Exploit Database [04-19-2012]

Vulnerable Configuration:Configuration 1:
  • cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.11:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:wireshark:wireshark:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.7:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.8:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.9:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.10:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.4.11:*:*:*:*:*:*:*
  • OR cpe:/a:wireshark:wireshark:1.6.5:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20121593
    V
    CVE-2012-1593
    2022-05-20
    oval:org.opensuse.security:def:32242
    P
    Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)
    2021-12-14
    oval:org.opensuse.security:def:32237
    P
    Security update for glib-networking (Important)
    2021-12-13
    oval:org.opensuse.security:def:26182
    P
    Security update for MozillaFirefox (Important)
    2021-12-12
    oval:org.opensuse.security:def:26156
    P
    Security update for open-lldp (Moderate)
    2021-10-26
    oval:org.opensuse.security:def:26141
    P
    Security update for webkit2gtk3 (Important)
    2021-10-06
    oval:org.opensuse.security:def:33019
    P
    Security update for apache2 (Important)
    2021-10-06
    oval:org.opensuse.security:def:32188
    P
    Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP3) (Important)
    2021-09-23
    oval:org.opensuse.security:def:26130
    P
    Security update for ghostscript (Critical)
    2021-09-21
    oval:org.opensuse.security:def:26129
    P
    Security update for gtk-vnc (Moderate)
    2021-09-16
    oval:org.opensuse.security:def:32980
    P
    Security update for spice-vdagent (Moderate)
    2021-08-17
    oval:org.opensuse.security:def:32155
    P
    Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)
    2021-07-27
    oval:org.opensuse.security:def:32132
    P
    Security update for libnettle (Important)
    2021-06-23
    oval:org.opensuse.security:def:42729
    P
    wireshark-1.10.13-0.2.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36322
    P
    wireshark-1.10.13-0.2.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:36580
    P
    wireshark-1.10.13-0.2.1 on GA media (Moderate)
    2021-06-08
    oval:org.opensuse.security:def:31608
    P
    Security update for xen (Important)
    2021-04-19
    oval:org.opensuse.security:def:26213
    P
    Security update for evolution-data-server (Moderate)
    2021-03-19
    oval:org.opensuse.security:def:32276
    P
    Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)
    2021-03-17
    oval:org.opensuse.security:def:31740
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:26205
    P
    Security update for openssl-1_0_0 (Moderate)
    2021-03-08
    oval:org.opensuse.security:def:26075
    P
    Security update for ImageMagick (Important)
    2021-01-22
    oval:org.opensuse.security:def:26031
    P
    Security update for php74 (Moderate)
    2021-01-14
    oval:org.opensuse.security:def:32098
    P
    Security update for dovecot22 (Important)
    2021-01-04
    oval:org.opensuse.security:def:32006
    P
    Security update for mutt (Important)
    2020-12-07
    oval:org.opensuse.security:def:42463
    P
    wireshark-1.8.6-0.2.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:36056
    P
    wireshark-1.8.6-0.2.1 on GA media (Moderate)
    2020-12-03
    oval:org.opensuse.security:def:26550
    P
    fuse on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25883
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:32398
    P
    Security update for unzip (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27320
    P
    wireshark on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31788
    P
    Security update for MozillaFirefox (Important)
    2020-12-01
    oval:org.opensuse.security:def:26555
    P
    glib2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32608
    P
    systemtap on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26861
    P
    ant on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26333
    P
    Security update for redis (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26323
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25681
    P
    Security update for xen (Important)
    2020-12-01
    oval:org.opensuse.security:def:31523
    P
    Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26448
    P
    Security update for phpMyAdmin (Important)
    2020-12-01
    oval:org.opensuse.security:def:25871
    P
    Security update for gd (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26647
    P
    w3m on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32542
    P
    kvm on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31874
    P
    Security update for cyrus-imapd (Important)
    2020-12-01
    oval:org.opensuse.security:def:26808
    P
    postgresql on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26235
    P
    Security update for ImageMagick (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27578
    P
    wireshark on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25606
    P
    Security update for libjpeg-turbo (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31976
    P
    Security update for jasper (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27019
    P
    python on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32298
    P
    Security update for puppet (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26589
    P
    libltdl7 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25947
    P
    Security update for freerdp (Important)
    2020-12-01
    oval:org.opensuse.security:def:32454
    P
    Security update for xorg-x11-libICE (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31789
    P
    Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26706
    P
    ghostscript-fonts-other on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33246
    P
    pyxml on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26905
    P
    glibc on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26414
    P
    Security update for python-Django (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26337
    P
    Security update for freexl (Low)
    2020-12-01
    oval:org.opensuse.security:def:25809
    P
    Security update for the Linux Kernel (Important)
    2020-12-01
    oval:org.opensuse.security:def:31534
    P
    Security update for samba (Important)
    2020-12-01
    oval:org.opensuse.security:def:26501
    P
    Security update for chromium (Important)
    2020-12-01
    oval:org.opensuse.security:def:25872
    P
    Security update for ImageMagick (Important)
    2020-12-01
    oval:org.opensuse.security:def:27285
    P
    rsync on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26471
    P
    Security update for Mozilla Thunderbird (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32564
    P
    libpython2_6-1_0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26847
    P
    yast2 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26284
    P
    Security update for taglib (Low)
    2020-12-01
    oval:org.opensuse.security:def:25617
    P
    Security update for jasper (Low)
    2020-12-01
    oval:org.opensuse.security:def:27054
    P
    wireshark on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31522
    P
    Security update for rsync (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26297
    P
    Security update for libvpx (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32342
    P
    Security update for spice (Important)
    2020-12-01
    oval:org.opensuse.security:def:31832
    P
    Security update for bind (Important)
    2020-12-01
    oval:org.opensuse.security:def:26603
    P
    libsnmp15-32bit on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:32503
    P
    e2fsprogs on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31800
    P
    Security update for SuSEfirewall2 (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:26759
    P
    libpng12-0 on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:33285
    P
    wireshark on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:27543
    P
    python-crypto on GA media (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25605
    P
    Security update for MozillaFirefox (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:31889
    P
    Security update for evince (Important)
    2020-12-01
    oval:org.opensuse.security:def:26381
    P
    Security update for ffmpeg (Moderate)
    2020-12-01
    oval:org.opensuse.security:def:25890
    P
    Security update for php5 (Moderate)
    2020-12-01
    oval:org.mitre.oval:def:14991
    V
    ANSI A dissector vulnerability in Wireshark 1.4.x before 1.4.12 and 1.6.x before 1.6.6
    2013-08-19
    oval:com.ubuntu.precise:def:20121593000
    V
    CVE-2012-1593 on Ubuntu 12.04 LTS (precise) - negligible.
    2012-04-11
    BACK
    wireshark wireshark 1.4.0
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    wireshark wireshark 1.4.3
    wireshark wireshark 1.4.4
    wireshark wireshark 1.4.5
    wireshark wireshark 1.4.6
    wireshark wireshark 1.4.7
    wireshark wireshark 1.4.8
    wireshark wireshark 1.4.9
    wireshark wireshark 1.4.10
    wireshark wireshark 1.4.11
    wireshark wireshark 1.4.0
    wireshark wireshark 1.4.1
    wireshark wireshark 1.4.2
    wireshark wireshark 1.4.3
    wireshark wireshark 1.4.5
    wireshark wireshark 1.4.6
    wireshark wireshark 1.4.7
    wireshark wireshark 1.6.0
    wireshark wireshark 1.6.1
    wireshark wireshark 1.4.8
    wireshark wireshark 1.4.9
    wireshark wireshark 1.6.2
    wireshark wireshark 1.4.10
    wireshark wireshark 1.6.3
    wireshark wireshark 1.6.4
    wireshark wireshark 1.4.11
    wireshark wireshark 1.6.5