1. Home
  2. CVE Database
  3. CVE-2016-4082
MEDIUM · 5.9

CVE-2016-4082

epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause ...

Vulnerability Description

epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause a denial of service (out-of-bounds access and application crash) via a crafted packet.

CVSS Score

5.9

MEDIUM

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
HIGH

Affected Products

VendorProductVersions
WiresharkWireshark1.12.0
DebianDebian Linux8.0
OracleSolaris11.3

Related Weaknesses (CWE)

CWE-119

References

FAQ

What is CVE-2016-4082?

CVE-2016-4082 is a vulnerability with a CVSS score of 5.9 (MEDIUM). epan/dissectors/packet-gsm_cbch.c in the GSM CBCH dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses the wrong variable to index an array, which allows remote attackers to cause ...

How severe is CVE-2016-4082?

CVE-2016-4082 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2016-4082?

Check the references section above for vendor advisories and patch information. Affected products include: Wireshark Wireshark, Debian Debian Linux, Oracle Solaris.