Home

CVE-2011-2698

Description

Off-by-one error in the elem_cell_id_aux function in epan/dissectors/packet-ansi_a.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service (infinite loop) via an invalid packet.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
3.09

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2011-2698 are fixed in Wireshark x64 1.4.8Windows
Vulnerabilities CVE-2011-2698 are fixed in Wireshark x64 1.6.1Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.0Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.1Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.2Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.3Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.4Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.5Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.6Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.4.7Windows
Multiple Vulnerabilities are affected in Wireshark (X64) 1.6.0Windows
Vulnerabilities CVE-2011-2698 are fixed in Wireshark for Mac 1.6.1Mac
Vulnerabilities CVE-2011-2698 are fixed in Wireshark for Mac 1.4.8Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-338541Wireshark (3.6.24)
PATCH-338541Wireshark (3.6.24)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-352320Wireshark (X64) (4.6.0)
PATCH-612949WireShark for Mac (4.6.2)
PATCH-612949WireShark for Mac (4.6.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234