The dissect_spdu function in epan/dissectors/packet-ses.c in the SES dissector in Wireshark 1.10.x before 1.10.10 and 1.12.x before 1.12.1 does not initialize a certain ID value, which allows remote attackers to cause a denial of service (application crash) via a crafted packet.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2014-09-20T10:00:00
Updated: 2024-08-06T12:17:23.737Z
Reserved: 2014-09-16T00:00:00
Link: CVE-2014-6428
Vulnrichment
No data.
NVD
Status : Modified
Published: 2014-09-20T10:55:06.480
Modified: 2024-11-21T02:14:21.677
Link: CVE-2014-6428
Redhat