Home

CVE-2013-3562

Description

Multiple integer signedness errors in the tvb_unmasked function in epan/dissectors/packet-websocket.c in the Websocket dissector in Wireshark 1.8.x before 1.8.7 allow remote attackers to cause a denial of service (application crash) via a malformed packet.

Risk Information

Base Score
7.5
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
3.44

Associated Vulnerability

VulnerabilityOS Platform
Multiple vulnerabilities fixed in Wireshark x64 1.8.7Windows
Multiple Vulnerabilities are affected in WireShark For Mac 1.8.0Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.8.1Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.2Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.3Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.4Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.5Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.6Mac
Multiple vulnerabilities are fixed in Wireshark for Mac 1.8.7Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-338541Wireshark (3.6.24)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-612949WireShark for Mac (4.6.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234