The dissect_sip_common function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.8.x before 1.8.12 and 1.10.x before 1.10.4 does not check for empty lines, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2013-12-19 14:55
Updated : 2014-04-18 21:45
NVD link : CVE-2013-7112
Mitre link : CVE-2013-7112
JSON object : View
CWE
CWE-20
Improper Input Validation
Products Affected
wireshark
- wireshark