Denial of service in Wireshark - CVE-2016-7176
Published: September 13, 2016
Vulnerability identifier: #VU415
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2016-7176
CWE-ID: CWE-362
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Wireshark.org
Affected software:
Wireshark
Wireshark
Detailed vulnerability description
The vulnerability allows remote user to cause the denial of service on the target system.
The weakness exists due to causing of the H.225 dissector crash. A remote attacker can send and inject specially crafted malformed packet or trick the victim into reading its trace file.
Successful exploitation of this vulnerability will allow an attacker to cause a denial of service on the vulnerable system.
The weakness exists due to causing of the H.225 dissector crash. A remote attacker can send and inject specially crafted malformed packet or trick the victim into reading its trace file.
Successful exploitation of this vulnerability will allow an attacker to cause a denial of service on the vulnerable system.
How to mitigate CVE-2016-7176
Update to 2.0.6. or later.