Home

CVE-2013-4081

Description

The http_payload_subdissector function in epan/dissectors/packet-http.c in the HTTP dissector in Wireshark 1.6.x before 1.6.16 and 1.8.x before 1.8.8 does not properly determine when to use a recursive approach, which allows remote attackers to cause a denial of service (stack consumption) via a crafted packet.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.944

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2013-4083,CVE-2013-4081,CVE-2013-4074 are fixed in Wireshark x64 1.6.16Windows
Multiple vulnerabilities fixed in Wireshark x64 1.8.8Windows
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.0Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.1Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.2Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.3Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.4Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.5Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.6Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.7Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.8Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.6.9Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.8.0Mac
Multiple Vulnerabilities are affected in WireShark For Mac 1.8.1Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.2Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.3Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.4Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.5Mac
Vulnerabilities CVE-2013-3562,CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.6Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.6.10Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.6.11Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.6.12Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.6.14Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.6.15Mac
Vulnerabilities CVE-2013-4074,CVE-2013-4081,CVE-2013-4083 are affected in WireShark For Mac 1.8.7Mac
Multiple vulnerabilities are fixed in Wireshark for Mac 1.8.8Mac

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-338541Wireshark (3.6.24)
PATCH-338541Wireshark (3.6.24)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-611905WireShark for Mac (Apple Silicon) (4.4.9)
PATCH-612949WireShark for Mac (4.6.2)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234