The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2013-12-19 22:55
Updated : 2024-02-28 12:00
NVD link : CVE-2013-7112
Mitre link : CVE-2013-7112
CVE.ORG link : CVE-2013-7112
JSON object : View
Products Affected
wireshark
- wireshark
CWE
CWE-20
Improper Input Validation