Candidate: CVE-2013-4078
PublicDate: 2013-06-09 21:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4078
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8729
 https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7862
 http://www.wireshark.org/security/wnpa-sec-2013-36.html
 http://www.wireshark.org/docs/relnotes/wireshark-1.8.8.html
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=46158
 http://anonsvn.wireshark.org/viewvc?view=revision&revision=45566
Description:
 epan/dissectors/packet-rdp.c in the RDP dissector in Wireshark 1.8.x before
 1.8.8 does not validate return values during checks for data availability,
 which allows remote attackers to cause a denial of service (application
 crash) via a crafted packet.
Ubuntu-Description:
Notes:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS: 


Patches_wireshark:
upstream_wireshark: released (1.8.8)
lucid_wireshark: ignored (reached end-of-life)
precise_wireshark: not-affected (1.6.7-1)
quantal_wireshark: ignored (reached end-of-life)
raring_wireshark: released (1.8.2-5wheezy4build0.13.04.1)
saucy_wireshark: ignored (reached end-of-life)
trusty_wireshark: not-affected (1.10.6-1)
trusty/esm_wireshark: not-affected (1.10.6-1)
utopic_wireshark: not-affected (1.12.0+git+4fab41a1-1)
devel_wireshark: not-affected (1.12.1+g01b65bf-2)