Candidate: CVE-2013-2478 PublicDate: 2013-03-07 15:55:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2478 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8382 http://www.wireshark.org/security/wnpa-sec-2013-13.html http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html http://www.wireshark.org/docs/relnotes/wireshark-1.6.14.html http://anonsvn.wireshark.org/viewvc?view=revision&revision=47981 http://anonsvn.wireshark.org/viewvc/trunk-1.8/epan/dissectors/packet-ms-mms.c?r1=47981&r2=47980&pathrev=47981 Description: The dissect_server_info function in epan/dissectors/packet-ms-mms.c in the MS-MMS dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 does not properly manage string lengths, which allows remote attackers to cause a denial of service (application crash) via a malformed packet that (1) triggers an integer overflow or (2) has embedded '\0' characters in a string. Ubuntu-Description: Notes: Bugs: Priority: medium Discovered-by: Assigned-to: CVSS: Patches_wireshark: upstream: http://anonsvn.wireshark.org/viewvc?view=revision&revision=47981 upstream_wireshark: released (1.6.14, 1.8.6) hardy_wireshark: ignored (reached end-of-life) lucid_wireshark: ignored (reached end-of-life) oneiric_wireshark: ignored (reached end-of-life) precise_wireshark: ignored (reached end-of-life) precise/esm_wireshark: DNE (precise was needed) quantal_wireshark: ignored (reached end-of-life) raring_wireshark: ignored (reached end-of-life) saucy_wireshark: ignored (reached end-of-life) trusty_wireshark: not-affected (1.10.6-1) trusty/esm_wireshark: not-affected (1.10.6-1) utopic_wireshark: not-affected (1.12.0+git+4fab41a1-1) vivid_wireshark: not-affected (1.12.1+g01b65bf-2) vivid/stable-phone-overlay_wireshark: DNE vivid/ubuntu-core_wireshark: DNE wily_wireshark: not-affected (1.12.1+g01b65bf-2) xenial_wireshark: not-affected (1.12.1+g01b65bf-2) yakkety_wireshark: not-affected (1.12.1+g01b65bf-2) zesty_wireshark: not-affected (1.12.1+g01b65bf-2) devel_wireshark: not-affected (1.12.1+g01b65bf-2)